Slashdot Mirror

← Back to Stories (view on slashdot.org)

Diebold ATMs hit by Nachi Worm

Posted by CmdrTaco on from the that-makes-me-feel-safe dept.

red floyd writes "The Register is reporting confirmation that Diebold ATMs were hit by the Nachi worm back in August. Apparently some Diebold ATMs run XP Embedded, and got hit with a variant of the RPC DCOM worm. Seems that they hadn't yet applied the available patch."

3 of 414 comments (clear)

  1. Embedded XP? What were they thinking? by Cajun+Hell · · Score: 5, Interesting
    WTF goes through somebody's head when they decide to use MS Windows for an embedded project?!

    Windows' strength, pretty much its only strength, is legacy compatability. But an ATM doesn't need to run Excel or some 8-year-old custom Visual Basic application that an irresponsible manager got the company locked into. Really, it's ok to use decent software for embedded projects, nothing should hold you back.

    Using Windows in an ATM, sounds like a classic application of the saying: "When the only tool you have is a hammer, every problem looks like a nail."

    --
    "Believe me!" -- Donald Trump
  2. ATM Horror by h4rm0ny · · Score: 5, Interesting


    A few years ago when I was a naive young UNIX programmer I came to the cash machine and got the firght of my life. There, floating over the blocky PIN login screen was a windows Illegal Error box.

    Up until that moment I had always assumed the cash machines were running some specially written firmware on specially made hardware. This was a massively important and widespread system after all.

    Oh - how young I was.

    --

    Aide-toi, le Ciel t'aidera - Jeanne D'Arc.
  3. Re:Diebold spins it. by austad · · Score: 5, Interesting

    Most Diebold ATM's run OS/2. But there's a push from some banks for them to install windows on them, even though the banks don't manage them. I used to work for a company that had ATM's with Diebold, and the engineer I talked to was unhappy that they were putting windows on them, but it's customer demand. It's simply some jackass that works for a bank and thinking they should run windows, when he has no idea how an ATM even works.

    As far as VPN's go, for the most part, the ATM's either dial up, or are connected to a LAN that has some sort of WAN connection back to its respective bank. I don't know of any that use VPN's, although it is entirely possible. Keep in mind that Diebold simply provides the machines and fixes them when they break, it's up to the bank or whoever to provide the connectivity and other supporting servers/equipment.

    --
    Need Free Juniper/NetScreen Support? JuniperForum