He pressed 5x SHIFT and hacked the ATM's cashpoint

It was enough to press the 5x SHIFT key on a full-sized QWERTY keyboard to get to the Windows XP operating system, which is installed in the ATM of Sberbank's ATM.

The Sticky Keys feature is activated by repeatedly clicking the Shift key and is appreciated above all by people with disabilities. Unfortunately, in the case of an ATM that had a full-size keyboard it is quite the opposite. Running sticky keys makes the user access the Windows XP user interface, including the Start menu or the taskbar. Access to these areas of the operating system means that the malicious user can try to modify the ATM's operation, turn off the computer, use the ATM as an ordinary computer, and even install malicious software under appropriate conditions.

PoC was presented in this video:

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.