We’ve seen different ways of how hackers gain control of an ATM to steal money in the past, but Symantec’s blog post reports of a recent method to make ATMs dispense cash and it just involves a text message. They added that one of the main reasons ATMs are easily hacked is because of the use of an outdated Microsoft XP.
According to the post, there’s a 3-step process before the ATM starts spewing cash:
First is when hackers install a Trojan virus called Backdoor.Ploutus.B (referred to simply as Ploutus) unto the computer of the ATM via USB tethering.
When a full two-way connectivity is established, specific SMS command messages from a second phone far away are then sent to the tethered phone. The phone receives the message with the required format and converts it into a network packet, then forwards it to the ATM’s computer through the USB cable.
The embedded Ploutus in the computer starts up and basically commands the ATM to begin dispensing cash, just about the same time an accomplice goes to the ATM to ‘withdraw’ money.
Symantec pointed out a couple of factors that could make ATMs vulnerable to these attacks and one of the main reasons is the present use of an outdated Windows XP. They advised the owners to upgrade to the latest operating system not just for features, but also for security.
To go into the detailed process of how the whole operation is done, head over to Symantec’s blog on the source link.
{Source}
gmagastos ng malaki ang mga banko sa microsoft at security software, pde nman sila gmamit ng linux software, kung ikkumpara linux is by far ahead of competition thru security, kung may problema man sa security flaw agad nman update nila, simpleng logic lng yan, bat pa sila mag ppartner sa compny na pniperahan lng sila nananakawan pa ng mga hacker, OpenSource lng solusyon jan
Inside job yan, cnu b nmang programmer ggawa ng mag install ng malware sa atm sa publiko mliban nlang kung before isalpak sa public ung atm, ska tuwing mag iincash ang empleyado ng banko
may msabi lng symantec pra bilhin products nla, pti microsoft nkisama nrin pra sa license ng mga OS’s nla dumb
mukang d ka mahilig manood ng balita lol may cinacarnap nga n mga sasakyan sa mga matataong lugar e hahaha kung may mga nakakapagnakaw ng vault ng mga atm n mas lubhang kapansinpanshin edi mas lalong madaling gawin to hahahaha
may npanuod kna ba sa blita n may nag salpak ng usb drives pra mag lagay ng virus, kung wala tumahimik ka
FUCK LOGIC.HAHAHA d ibig sabihin na walang nakikitang balitang ganito sa TV d na nangyayare. tulad ng sinabe ko dun sa nauna kong comments,di lahat ng atm may cctv kaya d lahat may ebidensya. posibleng wala pa talagang nahuhuli na may gumawa nito dahil pedeng hidi nadetect n may nagnanakaw na sa atm,posibleng nalaman lng nila tong trojan nung may nadetect sila sa computer;pedeng ung isang empleyado eh chinecheck ung computer tas may nascan sya na virus…pero nung oras na iniinstall nila at nagnanakaw na sila ng pera d sila nadetect.kuha mo punto ko? BOBO
BOBO basahin mo unang comment mo ng sumiksik sa utak mo yang kbobohan mo, pnapaikot mo lng sarili mo sa kbobohan mo, gnamit mo pa ung balita, tas iddefend mo sarili mo ng mali, nkapag aral kba???
WOW.so di mo nga talaga gets punto ko.hahahahah hindi po jan ung panonood ng tv ung highlight,ung mismong carnap na news.sinabe ko lng yan na d ka nanonood kase yan ung mga tipo ng balita na laganap sa paligid;kahit sa tv.kuha?hahaha oo naman nakapagaral ako hahaha ikaw ang hinde halaat sa pananalita mo puro ka lng pagmumura wala namang sense mga sinasabe mo haha
@wew
Nakakaawa ka talaga. hahaha!!
@jake debate’s over hahaha di na kayang idefend ung wlaang kwenta niyang punto kaya yan na lng nasasabe hahahaha
Ang weird pa dito, Windows was never really that stable in the first place, bakit ito ginawang OS ng ATM manufacturers? tapos ambilis pa ma outdate. Sana Mac or Linux based nalang. *thinking out loud*
@jake debate’s over haha wala k n masabe para madefend mo ung napakawalang kwenta mong punto kaya yan n lng sinasabe mo hahahaha
@wew
Nakakaawa ka, sana umayos ang pagiisip mo.
well I am not really into ATM ok anything…sa idea ko lang, possible na hinde inside job ang pedeng mangyari dyan…pedeng yung mga subcon ng baks na taga ayos ng system ng mga ATM ang pedeng masangkot dyan. I mean, pedeng lagyan lang nila ng virus yung device na gagamitin ng mga bank then if they use it without them knowing the virus, then use it to access the ATM, virus infected na yung machine.
Well yun lang ang idea ko…hehehehe magulo ata! HAHAHAHA
Anyway, just be safe na lang mga people.
@wew
Please refer to this link.
https://www.youtube.com/watch?v=IzJam3l7iXE
Ang dami mong sinasabi. Bobo ka naman
wrong grammar na nga inulit pa ung info sa blog.. anebeyen… may masabi lang?
that’s what you call paraphrasing lol. ^_^
pota anu ba problmea mo lahat na pinansin mo. eh anung gusto mong gawin nila?magimbento?eh kaya nga may source ibig sabihn may pinaggalingan….malamng talagang mauulit at mauulit.
they are million of ATM around the globe…90% of them using old version of os they if they purchase OS for atm…microsoft got billion $ money…
hindi naman yan hacker, inside job yan hahahaha
Nagtaka nga din ako, sino ba nakaka access ng usb ng ATM? May usb ports ba mga atm sa Harap? Sloppy banks yan kung na access ng regular people yung parts ng ATM!
Microsoft marketing strategy :)
feeling ko rin. pinabibili na nila ng licensed software yung mga manufacturers.
inside job to
WTF talaga! Kunin na lang mismo yung ATM -> http://www.philstar.com/opinyon/478576/nakawan-ng-atm-sa-slex-nasangkot-ang-bitag.
ok WTF is this logic? If you can install a USB or Phone inside the ATM? It means you already open the machine, why not just get the cash inside instead?
Pahihirapan mo pa sarili mo gumawa ng trojan, tapos magtetext ka pa.
;-)
Even if you have access to the atm, it doesnt mean that you have access to the cash because it’s inside the vault. Judging from your comment, you dont know how an atm works.
this comment gave me brain cancer.
@Cypher
Hindi mo ata naintindihan, kahit may vault pa yan makukuha mo yung vault. Binuksan mo yung machine, meaning walang nakakakita sayo, like cctv, person. If you have a will to open it, you have the guts to get the cash by all means.
Actually meron video sa youtube, kinuha nila yung vault ng machine within a minute.
Judging from your comment, your a pessimistic person.
you mean nahahack din ang de-susi na vault ng atm?
@tets
Naaawa ako sayo.
@Jake wow ang galing mo naman.edi sana kung ok talaga yang idea mo edi d na dapat sila nagpakapagod gumawa ng virus.sa opinyon ko mas maganda ung idea na paggamit nitong trojan,kaysa naman sa sinasabe mong pagkuha ng mismong vault(na mabigat at malaki haha).most likely kayang gawin tong paglalagay ng trojan kung walang gwardiya at cctv ung atm(assuming na hindi siya nakakabit sa banko…ibig sabihin magrerely lng ung atm sa sarili nitong security).kahit may mga tao sa paligid,basta d naman ganun kalapitan magagawa nilang mailagay ung trojan kasi d naman ganun kapansinpansin.kaya nilang magwithdraw ng pera ng hindi napapansin.tska d mapapansin na ninakawan ung atm,atleast by physical means.eh panu kung ung idea mo ang ginawa?kailangan talagang wang halos katotao sa paligid.magiging kapansinpasin din kayu kase d naman kaya ng isang tao lng ung pagkuha ng vault.and last,d mo maitatago ung crime mo ng mahabang oras,kasi halatang kinuha ung vault.eh pag ung trojan,pede cguro mapansin nila pag irereplenish na uli ng pera ung atm,o pedeng d na talaga mapansin.
@wew
Refer to this link.
https://www.youtube.com/watch?v=IzJam3l7iXE
Ang dami mong sinasabi. Bobo ka naman
the video you shared shows how a robber works his way into the atm. A hacker would not bomb his way inside the vault. Yun ba gusto mo ipaintindi sa amin?
@jake ayun!sabe na eh bobo ka hahaha.d mo binasa comment ko noh?o binasa mo ng ilang beses pero d mo naintindihan kase bobo ka?hahaha ang punto ko,bat ka pa gagamit ng trak,maraming tao,pwersa para manira para magnakaw na alm mong makaiiwan ka ng bakas at malalaman kaagad ng iba na nagnakaw ka?kung pede naman na maglagay ka lng ng trojan,na kung tutuusin puhunan mo lng eh utak mo pati computer pati kuryente para makagawa ka,at makapagnakaw ng limpak-limpak ng walang nakakapansin?2lad ng sinabe ko baka nga d madetect na may nagnakaw sa atm nila…baka nalaman lng nila nang may nakita silang virus sa loob ng computer.ayan po ung punto ko ah,tagalog pa yan.dangbobo mo na pag d mo p naintindihan.
@wew
Nakakaawa ka, sana umayos ang pagiisip mo.
@jake talaga lang huh?haha wala ka na bang masabe kaya ganyan na lng nasasabe mo?d mo na madefend ung sinasabe mo?mahina ka pla eh ok sana kung walang halong panlalait ung opinyon mo,walang titira sau.next time kase kung gagamit ka ng panlalait siguraduhin mong tama ka,kakahiya e bobo ka naman pla.