So the security team at SpiderLabs have uncovered a security breach affecting cash machines currently running on Windows XP. Basically some malware allows the attacker to gain complete control over the cash machine and extract tracking data, PIN numbers, and to add insult to injury the hard cash as well!

Basically once the machine has been infected, which apparently needs to be done manually suggesting insiders are involved, the attacker can return to the infected machine at any time later and extract the information using a special trigger card, where they can then print out the required information to the built in receipt printer before telling the machine to chuck out some cash.

Ok, so only around 20 or so machines have reportedly been compromised at the moment but I would imagine it’s only a matter of time before this is happening to Windows XP powered machines around the world.

I find it amusing we’re using Windows XP on cash machines anyway, especially considering Microsoft already moved XP from mainstream support to it’s “extended support”  phase in April this year, (although they will still provide security related updates through to 2014). Cash machines should have a dedicated proprietory OS rather than use one of the most targeted platforms for malware. What next, Windows based life support machines?