U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ATMs operated by a Russian Bank could be hacked by pressing five times the ‘Shift’ key

ATMs operated by the Sberbank bank running Windows XP are affected by easily exploitable security vulnerabilities, they could be hacked by pressing five times the ‘Shift’ key. We have warned several times of risks for ATM running outdated Windows XP operating system. These systems could be easily hacked as recently discovered by an employee of the […]

ATMs operated by a Russian Bank could be hacked by pressing five times the ‘Shift’ key

ATMs operated by the Sberbank bank running Windows XP are affected by easily exploitable security vulnerabilities, they could be hacked by pressing five times the ‘Shift’ key.

We have warned several times of risks for ATM running outdated Windows XP operating system. These systems could be easily hacked as recently discovered by an employee of the Russian blogging platform Habrahabr who reported that the ATMs operated by the Sberbank bank running Windows XP are affected by easily exploitable security vulnerabilities.

The user discovered that a full-screen lock that prevents access to various components of an ATM operating system could be bypassed by pressing five times special keys like SHIFT, CTRL, ALT, and WINDOWS.

By pressing the SHIFT key five times it is possible to access the Windows settings and displaying the taskbar and Start menu of the operating system, with this trick users can have access to Windows XP by using the touchscreen.

“Well, I, standing at the terminal of the Savings Bank with a full-sized keyboard and waiting for the operator to answer the phone, decided to press this Shift from boredom, naively believing that without functional keys this would lead to nothing. No matter how it is! Five times quick pressing of this key gave me that very little window, besides revealing the task panel with all the bank software.” wrote the user.

“Stopping the work of the batch file (see the taskbar on the video below), and then all the banking software, you can break the terminal.”

This vulnerability allows hackers to modify ATM boot scripts and install malicious code on the machine.

The users tried to report the issue to the Sberbank contact center, but unfortunately, the operator was not able to help the man and suggested him to contact the support service using the phone number written on the terminal itself.

According to the German website WinFuture, Sberbank had been informed of the security flaw in its ATM almost two weeks ago. The bank confirmed to have immediately fixed the security issue, but the user who discovered the flaw claimed that the issue is still present on the terminal he visited.

“In tech support, a friendly girl after I said that I want to report a vulnerability, immediately switched me to some other specialist. He first asked how to contact me and the terminal number, then on the nature of the problem, then I listened to music for a long time, and, after all, the guy said that the problem is fixed. ” continues the user.

“All this happened on the sixth of December. Two weeks later I decided to check that there is a terminal. Still, after all, they said that they “fixed” the problem, probably they should have already eliminated it, but no – it’s still there, the window still pops up.”

Security experts urge financial institutions to update the latest version of Windows for their ATMs.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – ATMs, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]