
Windows XP cash machines can steal your PIN


It is bad enough that the bad guys constantly try to phish your financial data via email and fake websites; now cash machines are getting in on the act.

Trustwave SpiderLabs, an outfit that deals with everything from ethical hacking through to incident response and security forensics, is warning that the bank cash machine network is at risk from a malware attack that collects PINs.

The SpiderLabs team reports that it has been able to perform an analysis of the malware, which had been discovered on compromised East European cash machines running Windows XP.

The malware was able to capture the magnetic stripe data from the private memory space of transaction-processing applications that were installed on these compromised ATMs, along with PIN codes for good measure.

Courtesy of some advanced management functionality found within the malware code, the attackers are able to control the compromised cash machines via a customised interface which can be accessed by simply inserting a controller card into the ATM card slot.

The stolen data can then be printed using the receipt printer built into the ATM, or output via the card reader to a suitable storage device. SpiderLabs does not believe that there is any networking functionality built into the malware, however.

I understand that the malware can be installed, and activated, by way of a Borland Delphi Rapid Application Development executable that replaces the original isadmin.exe utility file. Executing this dropper produces the malware file within the C:\WINDOWS directory of the machine.

This is not the first time that ATM security has left customers vulnerable, nor will it be the last.

Trustwave warns that it "highly recommends ALL financial institutions with ATMs under management perform analysis of their environment to identify if this malware or similar malware is present. Trustwave collected multiple versions of this malware and therefore, feels that over time it will evolve."