Follow Us on WhatsApp | Telegram | Google News

Hackers use SMS to get cash from ATMs

Table of Contents
Microsoft is going to drop out Windows XP from its service next month, and about 95 percent of the ATMs all over the world will get affected by this, as All ATM machine runs on Microsoft Windows XP. This is will be a major problem for all Banks worldwide. Some of the Banks have decided to pay a sum of the amount to Microsoft to keep the security updated. But India is the only country that is migrating from Windows to Linux, and applying its own developed Linux distro "BOSS" to ATMs throughout the country.

As usual, ATMs are the target of cyber criminals from a long wide, and once again hackers have found a new way to get pay from the ATM in an illegal way. According to Symantec, hackers have found a way to steal money from ATMs using text messages. This attack was first noticed by the firm late last year when the attacks were happening in Mexico.

On Monday, Symantec made a post that states that the Firm has noted a new malware called Backdoor.Ploutus. The Ploutus malware allows attackers to send an SMS message to a phone that is attached to an ATM. The ATM will then spit out the amount of money requested.

Symantec explains "The attacker first needs to upload the Ploutus malware to the ATM using either a USB drive or a CD-ROM. Once Ploutus has been uploaded, the attacker also needs to attach a cell phone to the ATM using USB tethering. This allows the ATM and the cell phone to share an Internet connection while simultaneously charging the cell phone. The attacker then needs to send the attached cell phone two SMS messages. According to Symantec, the first “must contain a valid activation ID in order to enable Ploutus in the ATM” and the second “must contain a valid dispense command to get the money out.” The Ploutus malware will then tell the ATM to dispense a preset amount of money, which is then picked up by what Symantec calls a “money mule.”

To prevent this attack, Symantec recommends updating the operating system from XP to the Latest version. Apart from this, physical security is also to be taken, as attackers cannot be done entirely remotely. Symantec also recommends full-disk encryption and preventing booting up from unauthorized disks or USB drives.
Read Also
  1. Anonymous
    Great work....This website is good for Tech updation
  2. Anonymous
    This comment has been removed by the author.