Around 95% of Mexico ATMs reportedly running XP, at risk

Monday, June 9, 2014

An estimated 95% of ATMs in Mexico run on Windows XP and have been at greater risk of viruses and malware attacks since Microsoft ended support for the operating system on April 8.

This is according to Moneta Technologies, which is urging banks to update their cash machines, local daily El Sol de México reported.

Start your 15 day free trial now!


Already a subscriber? Please, login

José Manuel González Barragán, marketing director of the technology and e-banking consultancy firm, said banks should install Windows 7 or 8 in ATM systems and add remote management features.

González was quoted as saying: "The problem is that to update traditional ATMs, the person must physically go and install the new software, which permits these people to install any type of malware."

In many cases, migrating older ATMs to Windows 7 will require memory and processor upgrades and, in some cases, complete overhauls, according to ATM Marketplace's 2014 software trends and analysis report.

Other shortcomings include the inability to add new features and screens to ATMs, since proprietary systems are often based on complicated languages that require several days of programming to make major changes, Moneta said.

Mexico follows an international trend: about 95% of ATMs across the globe were running on XP as of late March, according to digital security firm Symantec.

While half of the world's ATMs will be using Windows 7 in 2015, 25-30% will never upgrade from XP, the ATM Marketplace report said.

Failing to upgrade can make banks vulnerable to risks such as Ploutus, a malware that was discovered in September in Mexico.

The malware, which was first installed through an infected CD or USB, allowed hackers to send an SMS to access a breached ATM and force it to dispense cash.

"Using SMS messages to remotely control the ATM is a much more convenient method for all of the parties in this scheme, because it is discrete and works almost instantly," Symantec said in an article explaining the malware.