Solve : CNN : Virus to kill XP. Do they know??

1.	Solve : CNN : Virus to kill XP. Do they know??
Answer» Is this news? CNN just said: Microsoft is about to take Windows XP off life support By Adrian Covert @CNNMoneyTech January 29, 2014: 7:11 AM ET Huh? Has Cover been living in a cave in Arabia? Quote After April 8, Windows XP computers will be more susceptible to MALWARE and viruses beginning, since Microsoft will no longer address major holes in the software. Although antivirus software will continue to fend off some malicious attacks, Microsoft's security updates provide an essential line of defense. Source: http://money.cnn.com/2014/01/29/technology/enterprise/windows-xp/ Last I heard Microsoft is extending its support by one year!!???Quote from: PCdoc on January 29, 2014, 08:56:54 PM Last I heard Microsoft is extending its support by one year!!??? I don't rink the CNN writer did enough research. However, here is a recent item that is more accurate. http://www.techienews.co.uk/975435/microsoft-backtracking-windows-xp-end-life/ The issue is ATM stations in much of the USA and Europe. These automatic electronic money dispensers have Windows XP as the control software. Hard to believe. Criminals have r piped millions of Euros from them. It was reported by the BBC about three weeks ago. http://www.bbc.co.uk/news/technology-25550512 Look at the picture Quote from: PCdoc on January 29, 2014, 08:56:54 PM Last I heard Microsoft is extending its support by one year!!??? They are extending anti-malware update support by 1 year. Other Microsoft updates will cease as originally scheduled.Quote from: Geek-9pm on January 29, 2014, 11:54:45 PM The issue is ATM stations in much of the USA and Europe. These automatic electronic money dispensers have Windows XP as the control software. Hard to believe. Criminals have r piped millions of Euros from them. It was reported by the BBC about three weeks ago. The "issue" is Banks using a 13-year old operating SYSTEM in a scenario where security and data integrity is tantamount. That is simply negligence at best. That said, however- ATMs are not exposed to the net, instead they are connected only via intranet to the internal network- other machines handle the actual transactions; they expose no capability to install software either, so I'm curious how, even with XP, a criminal COULD do anything with an ATM machine without somehow getting more physical access. The OS itself is irrelevant...Quote from: BC_Programmer on January 30, 2014, 01:07:48 PM ... ATMs are not exposed to the net... , so I'm curious how, even with XP, a criminal could do anything with an ATM machine without somehow getting more physical access. They did have physical access. But it is more complicated than what you might think. These crooks were well organized. Some quotes from the BBC. http://www.bbc.co.uk/news/technology-25550512 Quote ... The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside. Quote ... infected USB sticks. USB stick The malware was installed onto the ATMs via USB sticks Quote ...To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface.... Quote ... The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. .. Hard to believe? Well, read the full story and Google it. This link is up to date and confirms the use of USB drives. Quote ... Planning to rob a Windows ATM? Ditch the sledgehammer and bring a USB STICK Infosec bods demonstrate hack again in forlorn hope banks might notice this time By John Leyden, 6th January 2014 Crybercrooks have created a strain of malware that creates a backdoor on compromised ATMs using a bootable USB stick. The crooks cut a hole into the plastic chassis of the ATM in order to access the USB port before patching the system up to avoid their TAMPERING being detected. ... http://www.theregister.co.uk/2014/01/06/atm_malware_stick_up/ Hard to say if a software update would stop the crooks. Quote Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year ... The criminals cut holes in order to plug in USB drives that installed their code onto the ATMs. Why was the USB header still present? This has absolutely nothing to do with Windows XP. They gained physical access to a machine that was not secure because proper precautions were not taken. The fact that they left intact USB headers on the system is insane. The fact that auto-run was still enabled, equally so. And the fact that even though it was a kiosk of sorts the entire system was still being run as an administrator when it almost certainly could have been running under a limited account. Quote from: BC_Programmer on January 30, 2014, 03:04:25 PM Why was the USB header still present? This has absolutely nothing to do with Windows XP. They gained physical access to a machine that was not secure because proper precautions were not taken. The fact that they left intact USB headers on the system is insane. The fact that auto-run was still enabled, equally so. And the fact that even though it was a kiosk of sorts the entire system was still being run as an administrator when it almost certainly could have been running under a limited account. I agree. The title I put on this thread is from what pundits have said. The use of USB devices for malicious use is well-known. A biter choice would have been a secure memory card for any kind of device handling monetary transactions. Anybody can just Google Secure Digital Memory Cards But apparently BANKERS never do research. Quote The "issue" is Banks using a 13-year old operating system in a scenario where security and data integrity is tantamount. That is simply negligence at best. You said it.

Answer»

Is this news? CNN just said:
Microsoft is about to take Windows XP off life support
By Adrian Covert @CNNMoneyTech January 29, 2014: 7:11 AM ET
Huh? Has Cover been living in a cave in Arabia?
Quote

After April 8, Windows XP computers will be more susceptible to MALWARE and viruses beginning, since Microsoft will no longer address major holes in the software. Although antivirus software will continue to fend off some malicious attacks, Microsoft's security updates provide an essential line of defense.

Source: http://money.cnn.com/2014/01/29/technology/enterprise/windows-xp/

Last I heard Microsoft is extending its support by one year!!???Quote from: PCdoc on January 29, 2014, 08:56:54 PM

Last I heard Microsoft is extending its support by one year!!???

I don't rink the CNN writer did enough research. However, here is a recent item that is more accurate.
http://www.techienews.co.uk/975435/microsoft-backtracking-windows-xp-end-life/
The issue is ATM stations in much of the USA and Europe. These automatic electronic money dispensers have Windows XP as the control software. Hard to believe. Criminals have r piped millions of Euros from them. It was reported by the BBC about three weeks ago.
http://www.bbc.co.uk/news/technology-25550512
Look at the picture
Quote from: PCdoc on January 29, 2014, 08:56:54 PM

Last I heard Microsoft is extending its support by one year!!???

They are extending anti-malware update support by 1 year. Other Microsoft updates will cease as originally scheduled.Quote from: Geek-9pm on January 29, 2014, 11:54:45 PM

The issue is ATM stations in much of the USA and Europe. These automatic electronic money dispensers have Windows XP as the control software. Hard to believe. Criminals have r piped millions of Euros from them. It was reported by the BBC about three weeks ago.

The "issue" is Banks using a 13-year old operating SYSTEM in a scenario where security and data integrity is tantamount. That is simply negligence at best.

That said, however- ATMs are not exposed to the net, instead they are connected only via intranet to the internal network- other machines handle the actual transactions; they expose no capability to install software either, so I'm curious how, even with XP, a criminal COULD do anything with an ATM machine without somehow getting more physical access.

The OS itself is irrelevant...Quote from: BC_Programmer on January 30, 2014, 01:07:48 PM

... ATMs are not exposed to the net...
, so I'm curious how, even with XP, a criminal could do anything with an ATM machine without somehow getting more physical access.

They did have physical access. But it is more complicated than what you might think. These crooks were well organized.
Some quotes from the BBC.
http://www.bbc.co.uk/news/technology-25550512

Quote

...
The thefts came to light in July after the lender involved noticed several its ATMs were being emptied despite their use of safes to protect the cash inside.

Quote

... infected USB sticks.
USB stick The malware was installed onto the ATMs via USB sticks

Quote

...To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface....

Quote

... The correct response varied each time and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. ..

Hard to believe? Well, read the full story and Google it.
This link is up to date and confirms the use of USB drives.
Quote

...
Planning to rob a Windows ATM? Ditch the sledgehammer and bring a USB STICK
Infosec bods demonstrate hack again in forlorn hope banks might notice this time
By John Leyden, 6th January 2014
Crybercrooks have created a strain of malware that creates a backdoor on compromised ATMs using a bootable USB stick. The crooks cut a hole into the plastic chassis of the ATM in order to access the USB port before patching the system up to avoid their TAMPERING being detected.
...
http://www.theregister.co.uk/2014/01/06/atm_malware_stick_up/

Hard to say if a software update would stop the crooks.
Quote

Researchers have revealed how cyber-thieves sliced into cash machines in order to infect them with malware earlier this year
...
The criminals cut holes in order to plug in USB drives that installed their code onto the ATMs.

Why was the USB header still present?

This has absolutely nothing to do with Windows XP.

They gained physical access to a machine that was not secure because proper precautions were not taken. The fact that they left intact USB headers on the system is insane. The fact that auto-run was still enabled, equally so. And the fact that even though it was a kiosk of sorts the entire system was still being run as an administrator when it almost certainly could have been running under a limited account.

Quote from: BC_Programmer on January 30, 2014, 03:04:25 PM

Why was the USB header still present?

This has absolutely nothing to do with Windows XP.

They gained physical access to a machine that was not secure because proper precautions were not taken. The fact that they left intact USB headers on the system is insane. The fact that auto-run was still enabled, equally so. And the fact that even though it was a kiosk of sorts the entire system was still being run as an administrator when it almost certainly could have been running under a limited account.

I agree. The title I put on this thread is from what pundits have said. The use of USB devices for malicious use is well-known. A biter choice would have been a secure memory card for any kind of device handling monetary transactions.
Anybody can just Google
Secure Digital Memory Cards
But apparently BANKERS never do research. Quote

The "issue" is Banks using a 13-year old operating system in a scenario where security and data integrity is tantamount. That is simply negligence at best.

You said it.

Solve : CNN : Virus to kill XP. Do they know??

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment