Cash machines hacked to spew out card details
After months poring over the Windows-based software in the bank's ATMs, Henwood and his team were astonished. They found a 50-kilobyte piece of malware disguised as a legitimate Windows program called lsass.exe. In a PC, this helps the Microsoft operating system cache session data - so users don't have to re-enter their passwords every time they get a new email, for example.
This is a clever choice of camouflage, says SpiderLabs' forensics manager Stephen Venter: to an IT staffer, lsass.exe doesn't look out of place in a Windows system, so routine checks wouldn't necessarily pick it up. Yet it has no useful function in an ATM.
How long will this madness go on, before Microsoft is called to account and sued for real losses caused by their badly broken operating system?
No comments:
Post a Comment