Microsoft will stop supporting the Windows XP operating system after 8th April; apparently, 95% of the world’s 3 million ATM machines run on it. Microsoft’s decision to withdraw support for Windows XP poses a critical security threat to economic infrastructure worldwide.
- Connect a mobile phone to the machine with a USB cable and install the Ploutus malware.
- The attacker sends two SMS messages to the mobile phone inside the ATM.
  - SMS 1 contains a valid activation ID to activate the malware.
  - SMS 2 contains a valid dispense command to get the money out.
- The mobile phone attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet.
- The network packet monitor (NPM) module coded into the malware receives the TCP/UDP packet and, if it contains a valid command, executes Ploutus.
- The amount for cash withdrawal is pre-configured inside the malware.
- Finally, the hacker can collect cash from the hacked ATM machine.
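
Seen from the defender's side, the chain above leaves two observable events on the ATM host: an unexpected USB device, then inbound TCP/UDP traffic on the interface that device created. The following is an added example, not part of the original article, that correlates the two; the event schema, field names, allowlist and 30-minute window are all hypothetical, and the sample events are constructed.

```python
import json
from datetime import datetime, timedelta

# Constructed telemetry in a hypothetical schema: one JSON event per line.
SAMPLE_EVENTS = """\
{"ts": "2014-03-01T02:10:00", "host": "atm-01", "type": "usb_attach", "device_class": "card_reader", "iface": null}
{"ts": "2014-03-01T02:14:05", "host": "atm-02", "type": "usb_attach", "device_class": "mobile_phone", "iface": "usb0"}
{"ts": "2014-03-01T02:15:30", "host": "atm-02", "type": "net_in", "proto": "udp", "iface": "usb0"}
{"ts": "2014-03-01T02:16:00", "host": "atm-01", "type": "net_in", "proto": "tcp", "iface": "eth0"}
{"ts": "2014-03-01T09:00:00", "host": "atm-03", "type": "usb_attach", "device_class": "mobile_phone", "iface": "usb0"}
"""

# Assumption: the peripherals an ATM is expected to enumerate over USB.
ALLOWED_USB_CLASSES = {"card_reader", "pin_pad", "cash_dispenser", "receipt_printer"}
WINDOW = timedelta(minutes=30)  # assumed correlation window


def find_alerts(lines, window=WINDOW):
    """Alert on every non-allowlisted USB attach; escalate to 'high' when
    inbound TCP/UDP traffic then arrives on the interface that device created."""
    events = sorted((json.loads(l) for l in lines.splitlines() if l.strip()),
                    key=lambda e: e["ts"])  # ISO-8601 strings sort in time order
    alerts = []
    by_iface = {}  # (host, iface) -> alert raised for the device behind it
    for e in events:
        ts = datetime.fromisoformat(e["ts"])
        if e["type"] == "usb_attach" and e["device_class"] not in ALLOWED_USB_CLASSES:
            alert = {"host": e["host"], "device_class": e["device_class"],
                     "attached": ts, "severity": "medium",
                     "reason": "unexpected USB device"}
            alerts.append(alert)
            if e.get("iface"):
                by_iface[(e["host"], e["iface"])] = alert
        elif e["type"] == "net_in" and e.get("proto") in ("tcp", "udp"):
            alert = by_iface.get((e["host"], e["iface"]))
            if alert and ts - alert["attached"] <= window:
                alert["severity"] = "high"
                alert["reason"] = (f"inbound {e['proto']} on USB-created "
                                   f"interface {e['iface']}")
    return alerts


if __name__ == "__main__":
    for a in find_alerts(SAMPLE_EVENTS):
        print(a["host"], a["severity"], a["reason"])
```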