Respected blogging sites Gizmodo and ZDNet both posted entries this week lamenting the fact that too many banks still run their core services on the soon-to-be-retired Windows XP operating system. (That's soon - as in this April 8!) What this means is that come April 9, Microsoft will cease to issue patches and fixes. This is scary news for every facet of banking, but great news for hackers, who can hardly wait. According to researchers at Symantec, over 95% of ATMs run on XP.
As for the hackers, it looks like a few couldn't wait.
Enter Backdoor.Ploutus
An XP vulnerability was discovered in Mexico, giving rise to Backdoor.Ploutus, a piece of malware quickly written to take advantage of it. It has spread so fast that the English-language version, Backdoor.Ploutus.B, has crossed the border. The scheme involves using a smartphone to remotely control an ATM. Once the phone has been connected to the ATM, all the hacker ring has to do is text instructions to the compromised ATM and go collect the cash.
Enter A Fix - An IP Camera Security System
We interrupt this blog to point out that if ATMs are monitored by an IP camera surveillance system and IP camera recording software, the hacker doing the grunt work of drilling into or prying open an ATM to attach the phone can be detected, and authorities alerted. Failing that, at least an IP recording system can provide forensic evidence. And that would be the end of the story.
But sad to say, that's not always the case. Not all ATMs are so equipped, so here's what happens.
The Logistics of Backdoor.Ploutus
The foot soldier hacker first has to physically get into the workings of the ATM to reach its USB port and attach the phone via a USB cable, creating a shared Internet connection between the phone and the ATM. The ring then sends SMS commands to the phone, making the phone a virtual accomplice. The phone converts the SMS messages into network packets and sends them through the USB cable to the ATM.
- The first SMS will contain an ID code which will unleash Backdoor.Ploutus.B.
- The second will send a valid release command instructing the ATM to dispense the money. And of course, wouldn't you just know - another foot soldier hacker will just happen to be there to take the money and run.
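The sequence above (a phone attached over USB, then a shared network connection appearing on the ATM) can also be checked for in endpoint telemetry. This Python check is an added example, not part of the original post or any vendor tool; the event records, field names, device names, allow-list and 60-second window are all hypothetical.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs) from a hypothetical agent on ATM hosts.
EVENTS = [
    {"ts": "2014-03-30T02:11:05", "host": "atm-017", "type": "usb_attach", "device": "vendor-service-key"},
    {"ts": "2014-03-30T02:11:20", "host": "atm-017", "type": "net_if_up", "device": "builtin-ethernet"},
    {"ts": "2014-03-30T02:14:40", "host": "atm-022", "type": "usb_attach", "device": "android-phone"},
    {"ts": "2014-03-30T02:14:52", "host": "atm-022", "type": "net_if_up", "device": "usb-tether-adapter"},
    {"ts": "2014-03-30T03:00:00", "host": "atm-040", "type": "usb_attach", "device": "unknown-storage"},
    {"ts": "2014-03-30T03:20:00", "host": "atm-040", "type": "net_if_up", "device": "builtin-ethernet"},
]

ALLOWED_USB = {"vendor-service-key"}  # assumption: devices field technicians may attach
WINDOW = timedelta(seconds=60)        # assumption: tethering comes up soon after attach


def find_tether_alerts(events, allowed=ALLOWED_USB, window=WINDOW):
    """Return (host, usb_device, interface, severity) tuples.

    medium: a USB device outside the allow-list was attached to an ATM.
    high:   a network interface came up on the same host within `window`
            of that attach, which matches a phone sharing its connection.
    """
    alerts = []
    last_unknown_usb = {}  # host -> (attach time, device name)
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "usb_attach" and ev["device"] not in allowed:
            last_unknown_usb[ev["host"]] = (ts, ev["device"])
            alerts.append((ev["host"], ev["device"], None, "medium"))
        elif ev["type"] == "net_if_up" and ev["host"] in last_unknown_usb:
            seen, usb_device = last_unknown_usb[ev["host"]]
            if ts - seen <= window:
                alerts.append((ev["host"], usb_device, ev["device"], "high"))
    return alerts


if __name__ == "__main__":
    for alert in find_tether_alerts(EVENTS):
        print(alert)
```
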
Meanwhile, Back to the Bank
- upgrade to Windows 8
- install a covert IP camera
Whether you're a banker or not, Kintronics has all the information you need to help you choose the best IP camera systems to fit your needs. And if you're looking for IP door access control or PA over IP, we can help there too. Give us a call at 914-944-3425 or fill out an information request form and a sales engineer will get right back to you.