Researchers at the Chaos Communication Congress have said that Cash machines running Windows XP have been attacked.  It appears as though criminals have managed to steal money from cash machines earlier this year, using USB sticks and exploiting the security of Microsoft’s, now very old, Windows XP operating system.

Researchers speaking at the Chaos Communication Congress, organised by the Chaos Computing Club in Germany, said attackers hit an unspecified number of cash machines.  They cut away at the chassis of the ATM to reveal the USB slot.  They the high tech thieves uploaded malware to the machine.  This then meant they could draw out cash via their own hidden menu, according to various reports.

ATM USB Robbery

The malware had been created to target one bank, but the researchers, who wished to remain unnamed, have warned about an enormous number of financial institutions which still use susceptible software in their ATMs.

It appeared the offenders were well funded and experienced. One researcher suggested they had an inside man working for them. The malware they used had the capability to steal customer information but apparently didn’t do so.  “I’m not sure this is the end attack, or the end game,” said one of the researchers, according to Wired. “We’ll probably see this kind of malware on another bank, in another city, on another continent.”

Are we ever really safe from people wanting to steal our data? Our money? Our information and our identities?  I don’t think so.  And if those in the financial arena in charge of keeping ATM security up to date, don’t actually do their job, then things like this will keep on happening.

[Image via: geekattitu]