According to a report in the Business Week still running 95 percent of the approximately three million ATMs worldwide with Windows XP. Updating the device is slow, although Microsoft has repeatedly a threatened end of support for Windows XP and has shifted again. In early April 2014, now finally “end of life” and that means that soon 13 years old operating system, there will be no system updates or hot fixes for vulnerabilities more. Other than originally planned but Microsoft wants to signature updates for its antivirus like Microsoft Security Essentials until 14 July 2015 deliver.
Aravinda Korala, CEO of a software developer for ATMs, estimates that U.S. banks will have only about 15 percent of the machines updated to the April deadline to Windows 7. In many machines a simple upgrade to Windows 7 will not work because the hardware resources are insufficient. Where an upgrade is not possible, often only a complete replacement.
A spokeswoman for the German banking industry told the news site Golem that it had received no nationwide statistics about which operating systems would run on the money donors. “Since the ATM hanging in Germany not the Internet, plays the type of operating system but does not matter. All ATMs that uses the German banking industry, are inspected and approved by it.” A Heise Online existing document documenting the German banking industry of the approved ATMs (as of end of November 2013) suggests that virtually all machines in Germany are running Windows 2000 or Windows XP.
The statement of the spokesperson makes people take notice, because there are also other ways to compromise a PC. Gateway can be for example the USB port the machine for printer and webcam needed. Criminals have already proved how clever they take advantage of such vulnerabilities. The report by two unnamed researchers at the 30th Chaos Communication Congress (30c3) from the beginning of the year shows it. The connections are normal as protected by the housing against intruders. The perpetrators cut a hole in the plastic panel to close a prepared USB stick with malicious code. Then they restored the ATM so good that the bank’s manipulation for months not noticed.
Fear of loss of money you have as a bank customer but do not have the money houses are liable for rigged ATMs.