Hacking ATM Machines with Just a Text Message

[sandabot]

As we reported earlier, Microsoft will stop supporting the Windows XP operating system after 8th April, apparently 95% of the world’s 3 million ATM machines are run on it. Microsoft's decision to withdraw support for Windows XP poses critical security threat to the economic infrastructure worldwide.

MORE REASONS TO UPGRADE

Security researchers at Antivirus firm Symantec claimed that hackers can exploit a weakness in Windows XP based ATMs, that allow them to withdraw cash simply by sending an SMS to compromised ATMs.

"What was interesting about this variant of Ploutus was that it allowed cybercriminals to simply send an SMS to the compromised ATM, then walk up and collect the dispensed cash. It may seem incredible, but this technique is being used in a number of places across the world at this time." researchers said.

HARDWIRED Malware for ATMs

According to researchers - In 2013, they detected a malware named Backdoor.Ploutus, installed on ATMs in Mexico, which is designed to rob a certain type of standalone ATM with just the text messages.

To install the malware into ATMs machines, hacker must connect the ATM to a mobile phone via USB tethering and then to initiate a shared Internet connection, which then can be used to send specific SMS commands to the phone attached or hardwired inside the ATM.

https://www.youtube.com/watch?v=53vjNDV4RAY

"Since the phone is connected to the ATM through the USB port, the phone also draws power from the connection, which charges the phone battery. As a result, the phone will remain powered up indefinitely."

HOW-TO HACK ATMs

Connect a mobile phone to the machine with a USB cable and install Ploutus Malware.

The attacker sends two SMS messages to the mobile phone inside the ATM.

-SMS 1 contains a valid activation ID to activate the malware

-SMS 2 contains a valid dispense command to get the money out

Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.

Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus

Amount for Cash withdrawal is pre-configured inside the malware

Finally, the hacker can collect cash from the hacked ATM machine.

Researchers have detected few more advanced variants of this malware, some attempts to steal customer card and PIN data, while others attempt man-in-the-middle attacks.

This malware is now spreading to other countries, so you are recommended to pay extra attention and remain cautious while using an ATM.

Sauce

[sleed]

Cred ca tot de la Valceni a plecat asta.. Dar sistemul e interesant cum functioneaza.. Asa este un program, am vazut pe youtube, de fura datele de pe card,:

https://www.youtube.com/watch?v=GjOduug-SC8

[ZeroDoi]

Cred ca tot de la Valceni a plecat asta.. Dar sistemul e interesant cum functioneaza.. Asa este un program, am vazut pe youtube, de fura datele de pe card,:

Daca dadeau si ei niste detalii de unde sa facem rost de aparat sau cum sa il facem era si mai bine , stateam zilnic la metrou la unirii

[sandabot]

Daca dadeau si ei niste detalii de unde sa facem rost de aparat sau cum sa il facem era si mai bine , stateam zilnic la metrou la unirii

Aparent un RFID reader, m-am interesat si eu si se vand pentru 200$-750$ de inalta frecventa.

[sleed]

Dupaia te trezesti ca astia ) Va merge 1 luna, 2 luni pana faceti si voi vreo 30 k 40 k dupaia , va da de va saturati.. ZeroDoi, numa la prostii iti sta capu ))))=]]

[malsploit]

Daca dadeau si ei niste detalii de unde sa facem rost de aparat sau cum sa il facem era si mai bine , stateam zilnic la metrou la unirii

Inchidem thread-ul. Deja o dati in chestii ciudate cu vise umede.