In today's digital age, cybersecurity threats are evolving rapidly, and ATMs are no exception. A significant concern is that nearly 95% of ATM machines still run on the outdated Windows XP operating system. With Microsoft ending support for this OS on April 8, 2014, the banking sector faces a heightened risk of cyberattacks targeting these critical systems.
In late 2013, Symantec uncovered a new form of ATM malware called Backdoor.Ploutus, originating from Mexico. This malicious software allowed attackers to use an external keyboard to siphon cash from ATMs. Soon after, a more advanced version—Backdoor.Ploutus.B (commonly known as Ploutus)—emerged. Unlike its predecessor, it could be triggered via SMS, making it even more dangerous.
The attack process typically involves several steps:
1. The attacker installs Ploutus on an ATM and connects a mobile phone via a USB cable.
2. Two specific SMS messages are sent to the ATM’s built-in mobile phone using a remote controller.
- The first SMS contains a valid activation ID, which triggers the malware.
- The second SMS includes a command to dispense cash.
3. The mobile phone forwards the SMS as TCP or UDP packets to the ATM.
4. The ATM’s internal network monitoring module detects the packet and activates Ploutus if the command is valid.
5. Once activated, the malware causes the ATM to dispense a pre-set amount of cash.
6. The criminals then collect the stolen money.
Beyond Ploutus, Symantec has identified multiple other forms of ATM malware. Some are designed to steal user bank card details and PINs, while others may perform man-in-the-middle attacks. These threats highlight the growing vulnerability of ATMs and the need for increased awareness and stronger security measures.
To protect ATM systems from such threats, banks and financial institutions should take proactive steps. Although modern ATMs have improved security features, older machines running Windows XP remain highly susceptible to attacks. Additionally, the physical security of the internal computer in ATMs is a major concern—while cash is well-protected, the computer itself often lacks adequate safeguards.
Symantec recommends the following best practices to enhance ATM security:
- Upgrade the operating system to Windows 7 or Windows 8.
- Implement strong physical protection and install surveillance systems.
- Lock the BIOS to prevent unauthorized booting from external devices like USB drives or CDs.
- Use full disk encryption to prevent tampering with the hard drive.
- Deploy system lock-in solutions such as Symantec Critical System Protection.
These measures significantly reduce the risk of successful attacks. Furthermore, Symantec has stated that its current security solutions will continue to support Windows XP for the short term. However, they strongly advise users still on the outdated OS to upgrade to a newer version as soon as possible to ensure long-term protection.
5050 Dome Lens SMD LED
Catalog of Dome Lens SMD LED.
We are Dome Lens SMD LED manufacturer from China.
All of our product are meet with Reach, CE, RoSH, SGS, EN62471 standards.
Dome lens SMD LED are a perfect replacement for Through-hole LED, which is ideally suited for electronic assembly applications and the power can be 0.1W, 0.2W, 0.3W, 0.4W, 0.5W, 1W, 3W ect..
Angle like: 30 Degree,60 Degree,90 Degree are available.
5050 Dome Lens SMD LED
2835 Dome Lens SMD LED
We have 100% product testing system and excellent after-sales service and technical support. At the same time, We offer five years of warranty for you. Looking forward to cooperate with you. The highest quality won't let you disappointment.
Dome Lens SMD LED,Dome SMD LED Lens LED Red,Dome SMD LED Lens LED Yellow,Dome Lens SMD LED For Outdoor Wall
Shenzhen Best LED Opto-electronic Co.,Ltd / BESTSMD CO LIMITED(HK) , https://www.bestsmd.com