One of the risks of using a commercial OS for embedded systems like ATMs: it’s easier to write malware against it:
The report does not detail how the ATMs are infected, but it seems likely that the malware is encoded on a card that can be inserted in an ATM card reader to mount a buffer overflow attack. The machine is compromised by replacing the isadmin.exe file to infect the system.
The malicious isadmin.exe program then uses the Windows API to install the functional attack code by replacing a system file called lsass.exe in the C:WINDOWS directory…
Copy and paste this URL into your WordPress site to embed
Copy and paste this code into your site to embed