Beware of cybercrime ATM stealing cash
Almost 95% of ATM devices still run the Windows XP operating system. With the arrival of the date on April 8, 2014, when Microsoft announced that it will stop providing technical support for Windows XP, the banking industry will face more ATM networks. Malicious threats.
At the end of 2013, the Symantec Security Bulletin had analyzed new ATM malware named Backdoor.Ploutus from Mexico. Through this software, an attacker can use an external keyboard to randomly withdraw cash from ATMs. A few weeks later, Symantec discovered a new version of the software - it has been upgraded to a modular architecture, Backdoor.Ploutus.B (Ploutus), and can attack ATMs via SMS.
Overview of the attack process:
1. The attacker installed Ploutus on the ATM and connected the mobile phone via the USB cable
2. Send two SMS messages to the ATM built-in mobile phone via the controller
a. SMS 1 contains a valid activation ID, which starts Ploutus within the ATM
b. SMS 2 contains a valid allocation order to withdraw cash
3. Mobile phones forward valid SMS to ATM in the form of TCP or UDP packets
4. The ATM internal network packet monitoring module accepts TCP/UDP packets. If it contains a valid command, it can start Ploutus.
5.Ploutus triggers ATM to spit cash, the amount of cash is preset in the malware
6. Criminals withdraw cash from ATM
In addition to Ploutus, Symantec also discovered multiple malicious software that attacked ATM machines. An attacker may use Ploutus to steal cash from ATMs, and may also try to steal user's bank card information and passwords through other malicious software, and some malware may also take a middleman attack. All in all, there are many ways to attack malicious attacks on ATMs, and it needs to attract the public's attention.
How to protect ATM equipment from infringement?
Although the security features of modern ATM machines have actually been strengthened, there are still great security challenges for older Windows XP system ATMs. At the same time, the physical security of the internal computer of the ATM is another problem that needs to be solved urgently, because although the ATM machine securely keeps the cash in the safe, the computer does not.
In response to this situation, Symantec recommends that banks and other financial institutions adopt the following best security practices:
• Upgrade operating system to Windows 7 or Windows 8
• Provides adequate physical protection and installation monitoring
• Lock the BIOS to prevent boot from unauthorized media such as CD ROM or U disk
• Use full disk encryption to prevent hard disk tampering
• Use system locking solutions such as Symantec Critical System Protection
With these measures, attackers can hardly attack ATMs. In addition, Symantec has announced that existing user, terminal and server security solutions will continue to support Windows XP systems in the short term, and Symantec strongly recommends that users still using Windows XP upgrade to newer ones as soon as possible. version of.
A gas sensor is a converter that converts a certain gas volume fraction into a corresponding electrical signal. The detector head regulates the gas sample through the gas sensor, usually including filtering impurities and interfering gas, drying or refrigeration, and processing the instrument display part.
Gas sensor is a device that converts the information of gas composition and concentration into information that can be used by personnel, instruments, computers, etc! Gas sensors are generally classified as chemical sensors, although this classification is not necessarily scientific.
Gas Sensor,Gas Flow Sensor,Gas Detector Sensor,Ultrasonic Gas Sensor
Taizhou Jiabo Instrument Technology Co., Ltd. , https://www.taizhoujiabo.com