The ATMs of different banks, a lot of them work on Windows XP. A version that is not only obsolete, but also insecure due to the lack of official support from Microsoft. But if in addition to the inherent insecurity of Windows XP is added a bad configuration of the device, then the question itself is worrisome and this video shows it with a simple ‘hack’ of the cashier with just pressing the same key five times.
Fortunately we can be calm in Spain, because this serious vulnerability of ATMs has been found in Russia, and affects Sberbank devices. These ATMs come with Windows XP installed, and apparently the security problem has to do with the screen lock that prevents taking control of Windows XP. That is, the vulnerability is as simple as a lack of protection over the barrier between the bank’s interfaceand the complete control of the terminal through Windows XP. It is possible to skip the restrictions, as they have shown, by just pressing a key five times.
The cashiers with Windows XP return to be news for their lack of security
In this specific case, you simply have to press the Shift key five times and, once this is done, follow a pulse pattern to eliminate the system access alerts. The taskbar and the Start menu appear in the full access to the system, and it seems that it has not yet been resolved. Once the computer is accessed in this way, an attacker could launch scripts to automate actions on the ATM, or simply deploy any ATM control software.
This problem is not typical of Windows XP but a bad configuration of the blocking of the bank’s interface. However, there is another problem that is also worrisome, and despite the fact that there are versions of Windows XP released in 2014, some banks still use facilities from the year 2001. That is, if Windows XP is already insecure in its latest versions due to the lack of updates, this situation is even worse because they do not even have the latest version of the Microsoft operating system.