
Hackers text ATMs for cash via Windows XP flaws - yiedyie
http://www.zdnet.com/hackers-text-atms-for-cash-via-windows-xp-flaws-7000027672/
======
Hopka
So it's not as easy as walking into your bank, sending a text message to the
ATM and walking out with a lot of free money.

You actually need physical access to a USB port of the ATM which is hidden
somewhere inside. So I guess the hack here is that the money inside an ATM is
very well hidden and even protected by exploding paint barrels so it cannot
normally be stolen even with physical access for a long period of time. But it
is possible to get the Windows XP based software to dispense money from the
safe by injecting a trojan through USB.

Unfortunately, the article does not make that very clear.

~~~
somesay
Also you have to get to a USB port, seems like attackers know for some ATMs
where to cut a hole in for that. But the real problem is that the machine
isn't isolated well enough through hardware design. Just imagine you could
access and replace the HDD. While it may use an XP exploit, that's not the
real problem.

Since the life time end of normal XP (not even the embedded version), those
"XP will doom our money" news spawn everywhere for no good reason.

TL;DR: It's primarily a hardware design issue.

------
emeidi
"a cyberattacker must connect the ATM to a mobile phone via USB tethering"

I've never seen ATMs (at least here in Switzerland) which you could just walk
up to and plug in a USB device. Do Mexican ATMs come with USB ports on the
front of the device?!

Don't forget:

"Law 3: If a bad guy has unrestricted physical access to your computer, it's
not your computer anymore." [http://technet.microsoft.com/en-us/magazine/2008.10.security...](http://technet.microsoft.com/en-us/magazine/2008.10.securitywatch.aspx)

~~~
aidos
There was an article on here recently about a technique using this attack.
Transpires that the USB port is under the cover at the front of the device,
you just need to know where to cut the hole.

EDIT: Found it.
[https://news.ycombinator.com/item?id=6984821](https://news.ycombinator.com/item?id=6984821)

The most wonderful part is that whoever wrote the software had the insight to
add a phone verification step so other crooks couldn't run off with their
software.

------
NPC82
Infographic has it all:

[✓] Trojan horse in physical, symbolic, form.

[✓] Fluffy cloud to represent network "stuff".

[✓] Shopping cart full o' ca$h.

~~~
lucio
Seems to be straight from The Onion

------
nemasu
Looks like it needs physical access to ATM's USB port. Isn't the physical
access most of the problem?

------
joelennon
This is hardly an XP specific vulnerability. If the attacker can access an
ATM's USB port they could probably achieve this regardless of the OS.

~~~
yiedyie
[citation needed]

~~~
Sanddancer
Vulnerable USB drivers exist in pretty much every OS. For example, here's a
vulnerable USB driver under Linux:
[https://labs.mwrinfosecurity.com/system/assets/153/original/...](https://labs.mwrinfosecurity.com/system/assets/153/original/mwri_caiaq-usb-drivers-buffer-overflow_2011-03-07.pdf), and a vulnerability in the FAT
filesystem: [http://people.canonical.com/~ubuntu-security/cve/2013/CVE-20...](http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1773.html). Those were found with real simple
googling, I could find others with a tiny bit more work. Unfortunately, most
kernel development teams do not spend anywhere near the time they should
ensuring that the code they write is hardened and modular, so such attacks
will only continue until we demand better development hygiene.

------
BuildTheRobots
I was discussing this the other day with my friend. To the best of my
knowledge (and please, if you know better then let me know) these attacks are
only effective against the portable ATM machines like you'd find in small
shops rather than "fixed installations".

As much as Windows XP probably makes barriers to entry easier (well, that
combined with generic locks) is this really much different to what Barnaby
Jack was doing back in 2010 at Defcon[1]?

[1]
[http://www.youtube.com/watch?v=bidDXuM4-2E](http://www.youtube.com/watch?v=bidDXuM4-2E)

------
yiedyie
Would be interesting to see if NSA mounted those hardware exploits in ATMs,
that would mean that you just need proximity to the ATMs. Or to think even
bigger what if those trading robots' hardware have those exploits?

NSA already affected the Web giants and Internet Security. If technical
details on those hardware exploits leak and make their way to a restricted
few or the public, then financial hardware is at risk and with it the financial
industry.

With Russia having Snowden, I think those US bonds are not the only way that
could inflict some damage.

------
ilovecookies
wow, the first cool hacking news I've read here so far

