Hackers use SMS to get cash from ATMs

Share it:
Microsoft is going to drop out Windows XP from its service from next month, and about 95 percent of the ATM's all over the world will get effected by this, as All ATM's machine runs on Microsoft Windows XP. This is will be the major problem for all the Banks worldwide. Some of the Banks have decided to pay sum of the amount to Microsoft to keep the security update. But India is the only country who is migrating from Windows to Linux, and applying  their own developed Linux distro "BOSS" to ATM's through out the country.

As usual ATM are in the target of cyber criminals from a long wide, and once again hackers have found the new way to get the pay from the ATM in a illegal way. According to the Symantec, hackers have found a way to steal money from ATM's using a text message. This attack was first noticed by the firm in late last year, when the attacks were happening in Mexico.

On Monday, Symantec made a post which stats that Firm have noted a new malware called Backdoor.Ploutus. The Ploutus malware allows attackers to send an SMS message to a phone that is attached to an ATM. The ATM will then spit out the amount of money requested.


Symantec explains "The attacker first needs to upload the Ploutus malware to the ATM using either a USB drive or a CD-ROM.Once Ploutus has been uploaded, the attacker also needs to attach a cell phone to the ATM using USB tethering. This allows the ATM and the cell phone to share an Internet connection while simultaneously charging the cell phone. The attacker then needs to send the attached cell phone two SMS messages. According to Symantec, the first “must contain a valid activation ID in order to enable Ploutus in the ATM” and the second “must contain a valid dispense command to get the money out.” The Ploutus malware will then tell the ATM to dispense a preset amount of money, which is then picked up by what Symantec calls a “money mule.”

To prevent this attack, Symantec recommends to update the operating system from XP to Latest version. Apart from this, physical security also to be taken, as attacker cannot be done entirely remotely. Symantec also recommends full-disk encryption and preventing booting up from unauthorized disks or USB drives.


You can also Check the Video Demonstration by Symantec.

Share it:

Internet

News

Security

Windows

Post A Comment:

4 comments:

  1. Great work....This website is good for Tech updation

    ReplyDelete
  2. I've been scammed over $10,000 by wuhack247.club and wuhacker.ru and i said to myself, I will never used such service again, but after i bumped into this page and saw the recommendation by the Admin and also some people also testifying they are legit, I had to give them a trial on blind fate hoping whatever came out of this i'll just accept it. But to my greatest surprise, I ordered for $6000 ATM, after my payment is confirmed I got my ATM, I was so happy that i finally got the legit ATM vendors, Ever since then they blessed me with this card I am now one of their VIP customers. so happy by the help of this site. :) contact atm.h@hackermail.com or atmhacking01@gmail.com

    ReplyDelete
  3. This comment has been removed by the author.

    ReplyDelete
  4. Do you need hackers for hire? Do you need to keep an eye on your spouse by gaining access to their emails? As a parent do you want to know what your kids do on a daily basis on social networks ( This includes facebook, twitter , instagram, whatsapp, WeChat and others to make sure they're not getting into trouble? Whatever it is, Ranging from Bank Jobs, Flipping cash, Criminal records, DMV, Taxes, Name it,he will get the job done.He's a professional hacker with 20 Years+ experience. Contact him at dragonhhacker@gmail.com ... Send an email and Its done. Its that easy, Daura referred you

    ReplyDelete

Follow by Email