ATM Machine Runs on Microsoft Windows XP

↓ Sponsored Links / Home » Computer & Internet Security

atm windows xp error money

The image above reminds me of the same ATM error I encounter 2 years ago, the only difference is the operating system which happens to be IBM’s outdated O/S2. I thought for security purposes, banks prefer UNIX or Linux system.

If banks, ATMs, machines, cars, phones are powered mostly by Windows from Microsoft, then it is almost impossible to break the monopoly of operating system by Microsoft.

Recommended Reading: 12 Best Warren Buffet Quotes on Investment, Life and Money

atm windows xp error money
Image source and credits : Shaolin Tiger

Infected ATMs Give Away Millions of Dollars Without Credit Cards

Most bank including Citibank, HSBC and more nowadays uses Diebold ATM machines and they uses Microsoft Windows XP to run it since the ATM machine itself is not much of a critical component in a banking system. It is merely a network computer with cash dispenser. Microsoft stopped patching bugs and security holes for Windows XP, thus leaving almost all ATMs in the world vulnerable.

Not exactly a hack an ATM tutorial. Kaspersky Lab’s experts performed a forensic investigation into cyber-criminal attacks targeting multiple ATMs around the world. During the course of this investigation, the company’s researchers discovered a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars.


42 comments on “ATM Machine Runs on Microsoft Windows XP

  1. Todd H
    Todd H July 9, 2006 at 8:09 pm - Reply

    Many ATMs are connected through the Internet, and even the ones on private networks are susceptible.

    • joey
      joey April 7, 2013 at 2:29 pm - Reply

      Luther Simjian invented the first ATM machine or hole in the wall banking.

  2. Dan
    Dan July 9, 2006 at 8:10 pm - Reply

    That may be true in some cases, but many worms have found their way onto ATMs in the past.

  3. ChrisJ
    ChrisJ July 9, 2006 at 8:20 pm - Reply

    This isn’t really anything new. For a very long time some ATMs were powered by an embedded version of Windows NT and even Window CE. Truth of the matter is that Windows run on a private network can be very secure. Also, NEXT and Windows are also used in point of sale systems all over the world.

    It’s time we get past the petty bickering of operating systems and start making better computing choices and that does not mean switching for the sake of switching.

  4. Brian
    Brian July 9, 2006 at 8:26 pm - Reply

    It might be worth while to know which bank in question has Windows XP ATMs made by NCR…

  5. lflashl
    lflashl July 9, 2006 at 8:36 pm - Reply

    I have seen this too in NEW ZEALAND, on the new KIWI Bank ATM’s machine. was funny to see, would be nice to see wht we could do with them.

  6. Jason
    Jason July 9, 2006 at 8:46 pm - Reply

    Yeah, seriously. And it’s not like you see these errors every day.

    • Joanna Stern
      Joanna Stern April 7, 2013 at 2:30 pm - Reply

      ATM machines running on Microsoft Windows based machines have been causing issues to customers.

  7. Bridget Linhart
    Bridget Linhart July 9, 2006 at 6:02 am - Reply

    The software is run on private networks, with high security firewalls. It’s not like they were run on the Internet.

  8. Nachoes
    Nachoes July 9, 2006 at 7:34 pm - Reply

    Doesn’t really matter: Some stupid Exec taking his laptop with him over the weekend, the laptop is infected by a virus and he plugs into the corporate LAN on monday…
    (and yes, this has happened)

  9. trogdor
    trogdor July 9, 2006 at 7:40 pm - Reply

    The ATM UI should be so simple that it can fit on a chip. The ATMs I’ve used have had the same UI for over a decade. Do we really need a color screen to view our balance or withdraw $20?

  10. Andreas Roedl
    Andreas Roedl July 9, 2006 at 7:43 pm - Reply

    That’s scary!

    Do you really need an operating system like Windows XP to run an ATM? I don’t think so.

  11. crusty
    crusty July 9, 2006 at 8:18 pm - Reply

    Not only that, but I work at home depot, and all of the cash registers and self checkouts are powered by XP. I never knew a cash register could seize up before…..

  12. Scriptersx
    Scriptersx July 9, 2006 at 8:21 pm - Reply

    I do remember a story about a worm getting into an ATM, umm i think it was mydoom or one of them

  13. Torin Darkflight
    Torin Darkflight July 9, 2006 at 8:32 pm - Reply

    A couple years ago I remember seeing another website about a different ATM running XP. That other ATM apparently had a mechanism to automatically reboot itself whenever something went wrong, and the picture showed the ATM screen with the Windows XP bootup screen on it. What’s worse…if I remember correctly, it was XP HOME, and it didn’t have SP2 (Yes, this picture was taken months after SP2 was released). Good grief!

  14. Fahroe
    Fahroe July 9, 2006 at 8:34 pm - Reply

    I think there are more, for example Siemens. First saw the ATM using XP was in early 2005, installed by one of the banks here in Kuala Lumpur, Malaysia. Then saw it again on ATM manufactured by IBM, NCR. Heck..even saw a blue screen ATM once. :)

  15. Byron Smart
    Byron Smart July 9, 2006 at 8:35 pm - Reply

    See ATM’s work pretty damn well and have been for years, minus advanced hacks like adding hardware adapters and other un-social theivery methods.. However now this will be extremly simple to jackpot.. The end of the world is near, but more like a NWO starte to phase out using cash alltogether.. Think about it…

  16. Byron Smart
    Byron Smart July 9, 2006 at 8:38 pm - Reply

    private networks and high security firewalls with XP? ahahah yeah right.. What do you think Linux hackers cream over…hehe Let the Kaos begin

  17. Roger
    Roger July 9, 2006 at 8:48 pm - Reply

    Private networks or not. It is stupid running an out of the box version of XP on ATM’s. As you can see in the pictures, they don’t even have proper fault tolerance and fail secure mechanisms. Either the system wasn’t designed (at all) or someone got bribed a lot.

  18. Josh
    Josh July 9, 2006 at 9:38 pm - Reply

    Bridget has a point. With having to work in the banking industry developing software for a year. I had the (dis)pleasure of working on a similar device. I would not agree with using xp on such a machine but we had no say so in it. I however will assure you this though. ATMs with such as this are well protected from outside networks.

  19. Joe
    Joe July 10, 2006 at 10:51 am - Reply

    I work for a financial institution and laugh at the Windows XP ATMs also.

    Remember when Bank Of America’s ATMs were all brought down by a worm a few years ago? They were all running Windows.

    The problem is that the ATM companies show off the pretty Windows interface and the marketing guys practically wet themselves with the advertising potential of this interface. So security goes out the window and the marketing guys get what they want.

    Very typical.

  20. Jerry
    Jerry July 10, 2006 at 12:46 pm - Reply

    Windows comes with a lot of well-understood infrastructure for updating software, performing backups, determining status, etc. It runs on a wide variety of commodity hardware. The ATM software itself is the smallest part of managing the ATM network; having cheap, replacable hardware and familiar tools for status, backup, & update can seriously lower the cost of operaion.

    A great number of developers use Windows to write and test their software, lowering the cost of acquiring and keeping said talent. The two most widely-used network development environments (.NET, J2EE) are easiest to develop on in Windows (predictable behavior, widely-available free or very cheap tools, latest releases always available, etc.). (Odd in Java’s case, but there it is.) This lowers the cost of development.

    Many manufacturers know this, and so offer Windows as the OS for their ATMS, and many customers choose to use Windows for these reasons.

  21. sban
    sban November 15, 2006 at 6:52 am - Reply

    The instiall setup for the screen resolution for the ATM software to work

  22. les
    les March 14, 2007 at 7:39 pm - Reply

    most of them run on XP but its not the XP you think, its way diffrent from what you have seen ;D

  23. IT Security
    IT Security April 4, 2007 at 12:39 am - Reply

    currently yes alot of of ATMS run off Windows XP it is a locked down version of XP(which is created by the bank)usually it sits within its own forest and SSL or IPSec encryption so that even if the ATM is on the corporate network all its traffic is encrypted.Firewalls and IPS/IDS solutions are also used to mitigate the risk of virus outbreaks as well as antivirus in the case of some banks depoly this to the ATMS. The main reason for going to XP is that it can be managed properly as well as developemnet for new features for the ATM are Quick to develope and the skills are easy to get hold os OS2 skills are not

    With regards to Virus

  24. Jose
    Jose May 4, 2007 at 5:21 pm - Reply

    If atms run xp, this gives me Ideas, because having an Xp computers requires 96mb ram, 2 mb Video, and a hard drive, or maybe they are edited versions of xp that run on lowerend hardware… but the cpu X86 is a key factor for hacking, my grandpa used to steal money fro ATMs usning a graphing calculator…

  25. Liam
    Liam June 9, 2007 at 8:20 pm - Reply

    Dude, you have got to be kidding! ATMs sohuld have their own super-sucure OS. Not windwos XP?!?! Windows xp needs like 4+Gigs of HD space, if all you need is a simple OS that is like 50MB or even less! Windows Xp has many ways to do things that alot of people dont know about useing keybord shortcuts, example: Control + Shift + Esc opens task manager and Windows button + R opens the run box where you can go to command prompt and everything! So why dont banks just make a simple OS that can be updated easy and (becouse it is made by banks) only banks know how to accsess/hack it. If it is running on WinXP, a simple .exe could be ran and a code would be implanted that when pressed, would deposit all of the machene’s cash! Damn

  26. Joshua
    Joshua July 5, 2007 at 12:56 pm - Reply

    They should use Linux os Mac OS 9/X on ATMs. Hell at school I boot linux on a school computer and I can access anything on the whole network.

  27. TCPMeta
    TCPMeta August 11, 2007 at 10:02 pm - Reply

    Most ATMs ran OS\2 and some bastard version of UNIX. They should of left it that way because Not many people know how to exploit OS\2 and it’s very hard to get into a unix system. At my old job we had a contract to do a hardware install at a compass bank. Another company came in and did the software. This guy I knew that was testing the ATM that was running Windows Embedded found so many exploits it wasn’t funny. The ATM had a shelf with a lock that had a keyboard and a touch pad on the outside. The lock was a plain old lock. You needed a master key card to make it close the ATM customer screen and went to the windows desktop. From there you can run the test program and make it spit out money. The master key card can be easily made and the code is easy to exploit. If you know how to hack a satellite you can hack this ATM. It scares me that people know how to do this stuff. Really in all it depends on the hardware setup and the ATM customer software. Also theres cameras on ATMs so it’s kinda hard to break into one.

    Think about it, most companies buy so many copies/licenses of windows and at some point they use up all of the licenses they bought and end up putting a few “illegal” installs. Also everyone wants to use a OS that can be exploited so easily that it doesn’t take time for companies to use the same OS. A friend of mine has a new cell that uses Windows Mobile and he already got a Trojan on it from syncing it with another friend’s PC. Why can’t people s**** it up and use a Unix based OS. So far Unix it self has no virues, spyware, malware and if setup correctly it can’t get broken into unless the “hacker” gets a hold of the root password.

  28. Blake Barrie
    Blake Barrie August 20, 2007 at 3:31 am - Reply

    Most of you are extremely foolish. Windows XP, without any patches, is just as secure as Linux, when behind say a Linux router. The problem is when many ports are open or when you are using Internet Explorer that you need to update windows.

  29. Jack
    Jack September 2, 2007 at 10:47 pm - Reply

    Yeah Well One Of The ATM Machienes Are Running on vista at the shops

  30. M15F1T
    M15F1T September 30, 2007 at 12:01 am - Reply

    i work security @ key bank & they run XP Pro on the atm’s Luzers!!! sum1 pleeeze hack them so i can have something to do *BooooReD @ WoRk !!!*

  31. M15F1T
    M15F1T September 30, 2007 at 12:46 am - Reply

    key bank ATM’s use WinXP Pro. they are Very unstable we get the blue-screen AT LEAST once a week, and it reboots all the time it also likes to eat plastic (cards)

  32. Klajdi Hena
    Klajdi Hena November 12, 2007 at 7:02 pm - Reply

    lol. I never knew that ATM machines ran on Windows XP either. It’s kinda funny though, and suprising at the same time.

  33. ATM
    ATM April 15, 2008 at 12:00 am - Reply

    Id like to find a broken ATM that has windows XP and modify it into an mp3 jukebox and put my mp3s on it and make a cool looking mp3 jukebox. will this work? how big is its hard drive, will it take USB flash drives

  34. Keyon
    Keyon June 11, 2008 at 9:13 am - Reply

    IF THERE IS AN ATM WITH A TOUCH SCREEN AND WINDOWS XP THEN THE PERSON CAN MODIFY IT TO SHOW THE DESK TOP AND SINCE ITS WINDOWS , IT’LL ACT LIKE A HOME COMPUTER SO YOU CAN MAKE IT GIVE YOU MONEY AND SURF THE INTERNET [DONT BE DUMB ENOUGH TO LOG ON YOUR EMAIL ACOUNT LOL]

  35. Keyon Morris
    Keyon Morris November 5, 2008 at 4:28 pm - Reply

    Ha alot of banks run XP and if its a touch screen then you can open on screen keyboard and do alot, plus other places do this like at supermarkets they rum XP embedded and i remember when i was fooling around at my moms job and the computer crashed and rebooted and it was booting XP media Edition lol, my moms job’s cash registers also run MS-DOS and they’re connected to two servers 1 runs Windows NT and the other one idk i juss know that the Windows NT one logs the transactions and user accounts and the other one is just a data server where they do updates

  36. Brocken ATM
    Brocken ATM December 8, 2008 at 1:00 am - Reply

    @ATM It’s a good Idea to make an MP3 Jukebox out of broken ATM. But I am afraid it wouldn’t be a ‘Portable’ anymore. This is a big enough to carry on pocket.

  37. grammar police
    grammar police July 21, 2009 at 1:04 pm - Reply

    you mean “ATM”, not “ATM machine” – unless it makes ATMs?

  38. IGNATIUS WANJERA
    IGNATIUS WANJERA August 19, 2010 at 3:49 am - Reply

    iam glad that we humanbeings are not powered by softwares imagine if our women were running windows xp what will happen?

  39. Dr Hfuhruhurr
    Dr Hfuhruhurr February 16, 2011 at 7:40 pm - Reply

    The reason XP is used is because many Banks and independant ATM providers want to use industry standard ATM software. The big boys (NCR, Diebold & Wincor) provide XFS layer drivers for XP only so you have to use XP to run the terminal emulation required for ATM switching. Really no different from the OS/2 days of old other than that you aren’t tied into a single provider for hardware and software. Yes you could write your own but when you’ve got an estate of 9000+ machines to think about, you want to pick on something that runs elsewhere in the world. XP has no security issues as long as the supporting network is well defined. Personally I’d love to get Linux running on these boxes but no-one provides XFS layers to suit. Rock hard place.

  40. tim yap
    tim yap March 3, 2011 at 6:48 pm - Reply

    atm here in Philippines runs on windows xp so hackers always trying to do something, well i have to say that this XP base OS for ATM machines are hackable.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>