Security vulnerability found in ATM machines running on Windows XP in Russia
Security vulnerability found in ATM machines running on Windows XP in Russia. All ATMs that are still running on Microsoft’s 16-year-old Windows XP operating system are at the risk of getting hacked easily, as the OS is no longer supported by the Redmond giant except for emergency security patches (for instance, patch blocking the WannaCry ransomware released this year).
An employee of Russian blogging platform Habrahabr recently discovered that the ATMs operated by the state-owned bank Sberbank running Windows XP has inherent security vulnerabilities that can be easily exploited by hackers.
According to the user, a full-screen lock that prevents access to various components of an ATM operating system could be bypassed by turning on the Sticky Keys when special keys like SHIFT, CTRL, ALT, and WINDOWS were pressed 5 times.
By pressing SHIFT key 5 times in a row, it allowed access to Windows settings and displaying the taskbar and Start menu of the operating system giving users to access deep within Windows XP from the touchscreen. This vulnerability allows hackers to deploy malicious software or modify ATM boot scripts.
According to the German website WinFuture, Sberbank had been informed of this vulnerability almost two weeks ago that there was a security breach at its ATM machine. While the bank promised to fix the problem immediately, the user who discovered the flaw claimed that when he visited the terminal again, he discovered that the bug hadn’t been fixed.
Since the security vulnerability found in ATM machines Microsoft has urged banks to update the latest version of Windows for ATMs to avoid scams or attacks.
Most Popular Training Courses at Indian Cyber Security Solutions
Summer Training for CSE, IT, BCA & MCA Students
Network Penetration Tester Training
Python Programming training
CEH V9 training
Diploma in Web Application Security
Certified Web Application Penetration Tester
Certified Android Penetration Tester
Certified Python Programming
Advanced Python Training
Reverse Engineering Training
Amazon Web Services Training