Android Pay Is Coming To The UK

These days your phone can replace a lot of things, from your contact list to your camera, they do it all. With thanks to Android, you may get to tick another thing off your list with several major banks in the UK starting to accept Android Pay.

Currently, the financial institutes that support Android Pay are the following:

  • Bank of Scotland
  • First Direct
  • Halifax
  • HSBC
  • Lloyds Bank
  • M&S Bank
  • MBNA
  • Nationwide

It won’t stop there with Android’s blog posting that the list will grow thanks to “new banks being added all the time”. Android pay will be accepted anywhere in the UK that supports contactless payments, meaning your weekly shopping trip or even your lunch treat could soon be provided by your mobile phone.

If that wasn’t enough the feature will also be supported in several apps, such as Kickstarter, JD Sports and Deliveroo while other the API that lets developers add the feature has been adjusted to make it easier to include the feature in any app’s that want you to pay for with your phone.

With 1.5 million registrations happening in the US each month for Android Pay, the success of the system could only grow by adding it to other countries and it looks like Apple Pay and other contactless systems may have a fight on their hands for which phone you use to pay your lunch bill.

Hackers Lost Out On $780 Million Due To Spelling Mistake

We’ve all had that moment, you are writing an email and are worrying so much about your wording that just as you hit send something jumps out at you. Forgot to attach the file you were talking about or added the wrong details by mistake? Imagine if you were making a bank transfer and made the same mistake, pretty big deal. Even bigger if the money doesn’t belong to you and all that stopped you getting it was the spelling mistake.

The hackers in question managed to gain access to the servers of Bangladesh Bank, from there they went about their business. In total, they were going to send somewhere close to $850 million to different accounts in the Philippines and Sri Lanka in just 13 transfers. $81 million of these went through before the fifth one was flagged up by a routing bank in Germany.

The reason for the flag was simple, “fandation”. Instead of putting “foundation”, the hackers had mistyped and put in “fandation”. If the hack had been successful it would have been one of the largest of its kind on record, while $81 million is impressive you have to think that with a little spell check they could have made off with a lot more.

Iris Scanners Allow Access to Bank Accounts Without Pin or Card

We all hear about how we need to keep our accounts safe, but who remembers all their passwords to all their different accounts? Who can say that they haven’t used the same password for several websites before? Even with password managers apparently making passwords redundant according to GCHQ, we still use them for everything from logging into your phone to filing your bank returns. So what about when it comes to your money? A four digit pin? Why not use an iris scanner to access your bank account.

Jordan is the first country to deploy iris scanning technology, with help from the United Nations Refugee Agency (UNHCR), to help users access their bank accounts, with the system being used to help refugees access their bank accounts without a bank card or pin. With around 23,000 families using the system to receive aid, the system is working well.

By removing the need for a person to check details before handing out the cash the UNHCR feels like this is a step in the right direction, giving both the refugees and the UNHCR a feeling of control and freedom. With the hopes that the system could be deployed to all of UNHCR’s current cash assistance programmes, you have to wonder how long before typing in a password becomes a thing you’ll tell your grandchildren about.

Banking Malware ‘Dridex’ is Back!

We’ve all had that moment, those unwanted pop-ups and advertisements on your computer that make you suddenly realise “I’ve got a virus”. It’s one of the things we tend to think happens to others but it can happen to anybody and with the internet it’s easier and easier to spread malicious software, or malware, around the world. One piece in particular has reappeared, this time targeting your online banking experience.

Dridex has made several appearances before, such as when the NCA estimated its cost to the UK was around £20 million. IBM’s X-force have found a more recent version of the malware and it features a whole new trick up its sleeve. By targeting something known as the DNS (Domain Name Service), instead of getting redirected to your banks website, Dridex will now send you to a fake site. From there, users enter their details believing everything to be okay, only to have then handed over their login details to the malware.

The issue with this is that you can be on the “right” website, the page looks normal, the web address is correct and everything else that makes you trust the site, but suddenly its only when you’ve logged in that you realise there is nothing right about the site.

13 of the U.K’s largest banks have had their websites replicated, which may not seem like many but if you count how many times people check their bank accounts online, even taking a few pounds from each of them could quickly reach millions.

The malware is spread through several ways, one of the most common being a manipulated Office document. As a result we remind our readers that attachments are like candy, never accept them from strangers and if you are not expecting them, be extra careful!

Bank of China Releases a Laser Blasted “Monkey” Coin

Tech is always advancing in new and exciting ways. With the aim of developing and modernizing techniques for the 21st century, the coin production process at The People’s Bank of China placed into circulation a $10 dollar limited edition of at least 500 million coins, but when you consider China has a current estimated population of at least 1.357 billion, this may well be a limited laser blasted and multilevel “Monkey zodiac coin”.

The coins in question use materials including a Brass Alloy for the outer ring, which is illustrated by the first image below, this is coupled with a Nickel Alloy composite which is implemented for the inner core and is conveyed by the second image. The technique used to make these commemorative coins changes the traditional moulding process in favour of a lower yet more efficient manufacturing footprint.

The coins have the word “SHIYUAN” which is located next to the selected domination, this word comes from the  Chinese phonetic alphabet. The coins, released to coincide with the 2016 Lunar New Year are also decorated to include a floral pattern as well as a traditional decorative monkey and also a lantern.

Collectors who wish to collect such a coin will be able to reserve a maximum of five coins, the date by which the coins will become available will be from the 16th January 2016.

TalkTalk Hackers Only Accessed a Small Percentage of Data

Since the cyber attack on Internet Service Provider (ISP) TalkTalk on October 21st, it has been revealed that the hacker(s) have only been able to access 4% of sensitive customer details. I say only loosely as even a single customers details being revealed is bad enough.

BBC has  reported that 156,959 customers had personal data accessed, of which 43,656 had payment details accessed, but approximately 28,000 credit and debit card details were obscured beyond use to any hacker for financial transactions.

TalkTalk has already contacted a large amount of affected customers and the remaining customers will be contacted “within the coming days”. The firm and other data security firms have advised all customers to keep monitoring their personal accounts of both email and bank for any suspicious activity and report to your bank, TalkTalk and in extreme cases, the police.

Take a look at this video shared by the BBC twitter account of a scammer trying to con a customer. Most banks would have been informed to monitor customers accounts themselves, but you could take extra measures such as taking out a subscription to credit freezing subscriptions offered by Expedia which will not only freeze your credit score, but also inform you of fraudulent activity.

Has the hack impacted you or someone you know? Let us know what security measures have been taken in the comments.

Vodafone Customer Bank Details Accessed in Hack

Just over a week ago, TalkTalk’s website fell victim to a cyber-attack and revelations have emerged regarding the company’s poor security infrastructure. It seems these attacks are becoming more prevalent as today, Vodafone admitted a data breach involving 1827 customers’ personal information. This include their bank details and telephone number. A spokesperson from Vodaphone confirmed the attack, and reaffirmed that it wasn’t due to their security measures:

“This incident was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone. Vodafone’s systems were not compromised or breached in any way.”

“Whilst our security protocols were fundamentally effective, we know that 1,827 customers have had their accounts accessed, potentially giving the criminals involved the customer’s name, their mobile telephone number, their bank sort code, the last four digits of their bank account,”

“Our investigation and mitigating actions have meant that only a handful of customers have been subject to any attempts to use this data for fraudulent activity on their Vodafone accounts.” 

A number of sources on Twitter have suggested the attack came from The Dark Web:

The spokesperson went on to discuss the data loss’ ramifications and said:

“However, this information does leave these 1,827 customers open to fraud and might also leave them open to phishing attempts,”

“These customers’ accounts have been blocked and affected customers are being contacted directly to assist them with changing their account details.”

I do find Vodafone’s excuse to be fairly laughable and they have to take responsibility for the data loss. Professionals aren’t going to hack a major network without some form of protection and will make it difficult to trace. The information gathered is more than enough to cause chaos in terms of a person’s bank balance and can be used to help find other details like an email address.

NCA Warning After Hackers Steal £20 Million from UK Bank Accounts

The UKs National Crime Agency have urged the people of Britain to ensure they take adequate measures of online security after a significant strain of malicious software allowed criminal hackers to steal an estimated £20 million from UK bank accounts.

The highly skilled malware developers are thought to be based in Eastern Europe. The details that are collected are then exploited to steal money from individuals and businesses globally. The NSA has reported one significant arrest in relation to the multi-million pound scam. However, only after thousands of computers had already been infected by the Dridex malware known as Bugat and Cridex, with the majority of computers being Windows based machines.

Computers can become infected with the virus when users open documents in emails they believe to be legitimate. I myself have recently received emails proclaiming to be from PayPal stating: “Your PayPal account has been limited! Take a few moments to confirm your information. After you do, you can shop online and send money using your account.” After checking PayPal directly (not through the given link) I establish that there was no such limitation on my account.

To avoid becoming an unwilling victim of the costly Dridex malware the National Crime Agency is encouraging all internet users to ensure they have up to date operating systems and anti-virus software installed on their machines, to protect themselves from further cybercrime attacks. The NSA also urged users to visit the CyberStreetWise and GetSafeOnline websites where they state there is a number of anti-virus tools are available to download to help clean up infected machines; these sites also are a great way to gain further advice on how to protect yourself in the future.

Mike Hulett, Head of Operations at the National Crime Agency’s National Cyber Crime Unit said:  “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made.”

What measures do you take to ensure your online security? Let us know down in the comments below.

Thank you National Crime Agency for providing us with this information.

Malware In Hilton Hotels Results in Card Details Being Stolen

How often do you use your card? When you pop down to the shop and breaking that ten-pound note will result in too many coins to carry back? How about when you’re buying things online? Finally, how many have used their cards to book hotels? If you’ve stayed at a Hilton hotel recently and used your card to pay at one of their Point of Sale (POS) terminals, you may want to double check your cards not got anything suspicious on it.

Hilton Hotels has stated they are investigating the possible security breach reported by Brian Krebs, an investigative journalist, who traced a collection of misused cards and found a common source in the till’s that are located in one of the many restaurants and gift shops located in Hilton Hotels  located in the US.

Sadly this is not the end of the story, the security alert that Visa released for this flaw was made in August, with the malware apparently being active between April and July this year. Given the number of hotels, and the ease at which people can pay for things using their cards, the number of potential cards that have been affected by this issue is surely only going to rise as more and more people become aware of it.

As with all cards, credit or debit alike, you should always keep an eye on it and raise any concerns regarding payments that you don’t recall making, or seem to be to companies you’ve never heard of, to your bank/building society.

Thank you the Register for the information.

Image courtesy of ITP.

Apple Contemplates Targeting Ads Based On Bank Balance

How much do you earn? I expect you to tell me it’s none of my business, and you would be right, this information should be private to each individual. But Apple might see things differently and are contemplating targeting specific adverts which are based on your bank balance.

The United States Patent and Trademark Office (USPTO) have awarded Apple a data mechanism by the name of the “targeted ad technology patent” This means that Apple is reported to have devised a way to analyse each user’s available credit in order. This is with the aim of pin pointing said users ability to purchase an advertised product. Basically, Apple is not going to target a Lamborghini at a consumer if they can afford a smart car.

What’s interesting about this patent is how far this ability might go if it’s implemented; would Apple install a tracking piece of software with the aim of analysing each user’s bank balance? Or would it be only confined to own branded services for example Apple Pay etc.

Apples CEO Tim Cook recently gave a speech at a dinner hosted by the Electronic Privacy Information Centre (EPIC) which he stated; “companies are gobbling up everything they can learn about you and trying to monetize it. We think that’s wrong. And it’s not the kind of company that Apple wants to be”. So which Apple will it be, the fun-loving and customer friendly brand, or cash for data and spying on consumers financial affairs conglomerate?

You will know if it’s implemented if you attempt to buy a Rolex and Apple advertises you a Timex.

Thank You Gizmodo and the US Patent and Trademark office for providing us with this information

Image Courtesy of E&T

Apple Pay Now Live In The UK

You may have noticed that in the UK contactless payment is becoming a large thing, with many shops now allowing you to use the system to pay for items if their value is under a set amount (normally around £20). This means that in order to pay for your sandwich at lunch all you need to do is hold your card against the card readers top and after the lights are all green you’ve paid for your food without a single button press. Apple’s answer to this system has just been released live in the UK, ingeniously named Apple Pay.

Apple Pay uses not only your card but also your iPhone or Apple Watch (iPhone 6 or 6 Plus required). This means that after you’ve linked your credit/debit card to your apple account all you need to do is tap your phone against the card reader and provide it with your thumbprint. This gets over one of the biggest worries, in that the near field communication (NFC) used by contactless payments doesn’t require any verification, that is that you don’t need to confirm your identity when you use it. This means as long as all I buy is something to drink and some food that comes in under £20, there is nothing stopping me from using another contactless card. Apple Pay uses your thumbprint to confirm your identity and that you have the permission to use the card you’ve selected to pay for the items.

The system has also been taken up by other companies alongside retailers, Transport for London has stated that you can use the system of readers already installed for Oyster card readers to pay for your bus, tube or train tickets. Argos, Dominoes, Just Eat and even British Airways have also said you will be able to use Apple Pay within their apps.

With a rise to £30 for contactless  payments in September, more and more people are being drawn towards using this system as a way of shopping every day. The extra security provided by Apple Pay can’t hurt, it barely adds any time to the experience and keeps your cards safe, just hope you don’t run out of battery while shopping.

Thank you Engadget for the information.

Image courtesy of Buisness Insider.

How a Hacker Made $45,000 Selling 0Day Exploits to Hacking Team

We previously reported that Italian spyware company, Hacking Team, has been hacked and had 400 GB of data publicly released via torrent websites. Well, Arstechnica reportedly found how easy it was doing business with the latter company by digging through their emails.

It seems that a Russian hacker approached the Hacking Team in 2013 with a few 0day bugs he found on Windows, OS X and iOS operating systems, with price ranges of $30,000 to $45,000. The company apparently was not interested in the latter, but it did show interest in another exploit offered by the hacker, namely the “Adobe Flash Player 9.x/10.x/11.x with the RCE exploit for the current Flash Player 11.9.x for Windows 32/64-bit and OS X 64-bit”.

The correspondence even revealed how the money was transferred to the hacker. According to the findings, the hacker received the money via bank wire transfer in three instalments, one of $20,000 in October 2013, the other of $15,000 in November 2013 and the last one of $10,000 in December 2013. There has not been any evidence of the hacker and the company doing any business up until 2015, when the Russian hacker received another $35,000 in his bank account in Moscow.

Arstechnica also approached the hacker and surprisingly, he explained that such transactions are very common between companies such as Hacking Team and freelance hackers. He stated that such transactions are “routine sales like with ZDI, VCP, pentesters and other legal 0day buyers”. I don’t know about you, but this information is as exciting as it is scary. So what are your thoughts on this?

Thank you arstechnica for providing us with this information

Dyre Wolf Attack Reels in over $1 Million in Wire Transfers

IBM’s Security division has been researching a malware attack they have named ‘The Dyre Wolf’ which is said to have been responsible for stealing over $1 million.

It is said that the hacking campaign uses targeted spear phishing emails, malware and a phone conversation on organisations that use wire transfers.

IBM stated that the attack starts with a single user opening an infected email attachment, having it contacting the attacker’s website and downloading the Dyre malware that hijacks the user’s address book and mails itself through the organisation.

After the infection mentioned above takes place, if a user attempts to log into a banking site, it loads up a new screen that says the site is experiencing issues and shows a phone number for the user to call and make their transaction.

Once the attacker has all the user’s details, a wire transfer is made that runs through a series of international banks. IBM recommends that companies train their employees not to open suspicious attachments or links and remind them that banks do not request their banking credentials in any way.

Thank you Engadget for providing us with this information

Meet Snapcash – Send Money Through Snapchat

Snapchat has just revealed their first product partnership with a third party company – Square Cash, claiming they have been big fans since it’s creation. Square Cash allows you to send money to your friends by simply typing a dollar value into a subject line on your email and hitting send.

The partnership will see this type of money transfer method placed into Snapchat’s current app infrastructure, with the process explained on the Californian-based companies official blog just today:

“The product you’re seeing today is fast, fun, and incredibly simple. After you enter your debit card, it’s securely stored by Square, who will swiftly process your payment and send cash directly to your friend’s bank account. Just swipe into chat, type the dollar sign, an amount (e.g. $11.25), and hit the green button.” Snapchat

It sounds like a pretty easy and convenient feature, however with one major flaw. There’s no talk about in-app security here – if you log in to your normal internet banking applications, they’ll require some form of a PIN code entry alongside disabling the app every time it senses an external application coming into play (like Facebook Messenger being opened over the top). But I see nothing in this release pointing towards this fact. It seems that if you’re going to use this new feature, you should make sure that your phone has a pass-code on the lock screen!

Snapchat makes sure to mention that Square will be dealing with the server-side security of this partnership, claiming that they have ‘a ton’ of experience in this area.

Snapcash has now been made available for 18-year-old and above users in the United States who have a debit card. If you’re interested, here’s their release video.

https://www.youtube.com/watch?v=kBwjxBmMszQ

Image courtesy of GEEK.com

JPMorgan Customers Target in Huge Phishing Campaign

JPMorgan, the No. 1 U.S. bank by assets, has confirmed that spammers have launched a phishing campaign targeting its customers. The spam-campaign is dubbed Smash and Grab and was launched on Tuesday by an unknown group. It however bears the resemblance of Eastern European cybercrime gangs and most of the infrastructure used in the campaign is located in Russia and Ukraine.

“It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.

Most of the spam was stopped by filters in place by the large providers, but some will always manage to get through. And the phishing mail looks very realistic as it uses original email parts to fake it. The attack is somewhat unusual as it doesn’t just try to grab the credentials of unknowing users, it also tries to infect the PC’s with malware at the same time.

Users who click on the included malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they do not comply with this request, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc.

Proofpoint saw about 150,000 emails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, said Proofpoint’s VP of Threat Research Mike Horn.

The firm manages over 100 million email accounts. Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others.

Thank you Reuters for providing us with this information.

Image courtesy of Reuters.

Hackers Want to Make You Play ‘Doom’… on an ATM!

Normally when you hear about hackers and ATMs, you think of someone attempting to steal your credit card details or make the machine spit-out some bills. This time however, it is more fun than drama, since you can get to see how a game can be played on an ordinary ATM.

An Australian hacker named Ed Jones, who also goes by the name of Aussie50, has posted a YouTube video which shows how he is kicking off in ‘Doom’ on the ATM machine. He is stated to give some credit to his partner, Julian, who is said to have sorted out “the software, wiring and logic side”.

There are a lot of questions surrounding the achievement, such as where did he acquire the actual ATM from or, most commonly, will we able to play games on ATMs in the future. Nobody has those answers at present, but the real question is: Does it matter? No, mainly due to the fact that you don’t get to see this everyday. I mean, who doesn’t want to play Doom on an ATM?

[youtube]https://www.youtube.com/watch?v=PW5ELKTivbE[/youtube]

There have been discussions on Ed’s YouTube channel about turning the PIN pad into a controller and using the side panel to select weapons, while also discussing about making the receipt printer into a high-score note to keep after you finish your game session.

When talking about modern games, such as Minecraft for example, Ed pointed out that it is physically impossible to get them running on ATMs, mainly due to the fact that it lacks the performance needed to run them. While he can ‘upgrade’ his customized ATM if he wanted to, that would mean he would have to change about every OEM component found in the ATM.

“I could upgrade the hell out of it and play modern games, but that defeats the purpose of using all of its OEM (original equipment manufacturer) hardware with minimal modification. It lacks a PCI-E slot, so a subtle video card and RAM upgrade is not possible,” Ed stated.

Ed is stated to be thinking of introducing a coin mech below the card reader, which wouldn’t be such a bad idea. A ‘re-invention’ like this could make old games such as Doom popular again and accessible almost everywhere. Julian and Ed are not at their first wacky invention yet. They have been stated to have made Doom available previously on a LED billboard.

[youtube]https://www.youtube.com/watch?v=PxIGuMif1Nk&list=UUlSOZJ7swsJqRadXieu1nlQ[/youtube]

Thank you Mashable for providing us with this information

GoZeuS Returns a Month after Authorities Take Measures Against the Malware

Though authorities had taken action against the GoZeuS and CryptoLocker malware which stole hundreds of thousands of banking logins from users and blackmail them for millions of pounds, it seems that the malwares are back. A month after the campaign, online criminals seem to have tried to rebuild the sophisticated software named GameOver ZeuS, having researchers warn that new threats using much of the same code are aimed at UK users.

Reports say that the ‘original strain’ of the malware targeted by authorities around the world, including the NSA and the FBI, has been in a decline since the campaign started. However, it appears that criminals are now re-establishing the GameOver botnets by taking the original code and reworking it to avoid detection, much like a biological virus modifies its genetic code in order to survive medicine administered against it.

A security company by the name of Malcovery has stated that the new trojan based on the GameOver Zeus binary is spreading through spam emails, claiming to be from the NatWest bank, coming with an attached statement in the content. Anyone who opens the ‘statement’ are said to risk infection, since traditional anti-virus software cannot detect the malicious software. Also, the CEO of Heimdal Security, Morten Kjærsgaard, states that the heads of the original GoZeuS will try to use lesser-known strains in order to avoid law enforcement agencies detecting it.

“Until we start to see a more clear movement pattern of these new Zeus variants, which are starting to surface, we can’t say anything definitive about their extent,” said Kjærsgaard. “There is no doubt though, that many small malware variants could pose the same financial problem for end users as one big nasty piece of malware.” he added.

While the GameOver Zeus botnet earned more than $100 million for its creators, more infections are likely to take place given the new strains. In June however, US authorities are said to have named Evgeniy Bogachev, a Russian national, as the main suspect behind the original malware.

Thank you The Guardian for providing us with this information
Image courtesy of The Guardian

Google is Forced to Censor Negative Information through ‘Right to be Forgotten’

The law given by the European Union, forcing Google to remove links to information people wish to no longer have available on the Internet, is apparently working like a charm. It is so perfect that even criminals, higher-ups and even ordinary people can remove negative information about them, having corrupt politicians, pedophiles, murderers and others come out with a clean sheet.

One such example is a link to a BBC article about Stan O’Neal, former CEO of Merrill Lynch, who led the bank in mid 2000, a time when the mortgage crisis was at its peak. When it finally hit, Merrill suffered huge losses, having the bank sold to Bank of America. O’Neal lost his job as a result, having him exit the banking market with an estimated $161.5 million. The article in question has nothing wrongly written, but it does describe O’Neal’s incompetence during that period in time, having him selling the company without discussing the sale with the board of directors. And as history will remain history, having it removed will no longer be an example to avoid for young investment bankers.

Another notable example is about a former politician who wanted to remove links to a news article regarding his behavior when previously in office. By removing the article, he would have had a clean sheet, securing him a new position to run for. The news article in question is about the politician in question possessing child sexual abuse imagery. Yes, these are people representing nations, having one of the most important functions in a state and also, thanks to the ‘Right to be forgotten’ law, they can even stay ‘clean’ now.

Business insider was told by Forget.me, a company filing these types of request to Google, that they are currently filing around 250 requests per day, having the number of request and type of data to be ‘covered’ displayed below:

If this is not terrifying enough, then maybe the fact that the entire process is so non-transparent that the consequence for the individual is even worse than what the courts intended is. People who have done grave things in the past and we don’t know of just yet may well be our neighbors in the future. The EU law is indeed necessary for some cases, but the extreme cases in which the information could help avoid the same actions in the future, that is not meant to be erased. And yes, this should be terrifying for everyone.

Thank you Business Insider for providing us with this information
Images courtesy of Business Insider

Windows XP Still Installed In 95% Of ATMs Around The World

Bloomberg reports that around 95% of ATMs around the world still run on Microsoft’s 12 years old operating system, which is going to be discontinued in April. Though update support will still be available until 2015, they will still be susceptible to a variety of malware and viruses.

Still, ATMs run on a stripped version of Windows XP called “Embedded”, which is said to be less vulnerable to malware. But since we are talking about Microsoft Windows, nothing is that safe, especially with it being discontinued. And we are not talking about an information machine or coffee maker here, ATMs are extremely important devices which contain currency! A few weeks ago we saw a few cash machines infected with viruses with the help of a USB drive. Imagine what an outdated operating system in ATMs will be like to hackers.

The more bad news comes from Aravinda Korala, CEO at ATM software provider KAL, who states that he expects only 15% of ATMs in the US to be upgraded by the time Microsoft terminates support for Windows XP. Though Microsoft can sell custom support agreements for devices such as ATMs, the cost can soar quickly, to the extent that can lead to a much higher price than upgrading them altogether.

The cost to upgrade a single ATM to Windows 7 can range from a few hundred dollars if its hardware is adequate, to thousands of dollars if new components are required, according to Dean Stewart, executive at ATM maker Diebold. Although not all ATMs can be upgraded by the April deadline, they will still be able to operate, only with a greater risk of malware infection than before. However, customer balances are said to be safe under the standard protections banks offer to ATM users against fraud.

Thank you Bloomberg for providing us with this information

Luxa2 Power Banks and Mobile Accessories Expands At CES 2014

When it comes to premium mobile accessories that don’t carry a premium price tag, Luxa2 is without a doubt one of the top names to look for. Over the last couple of years we have been watching the range of products expand and develop and her in 2014 the story continues with a lineup that is as strong as ever.

It appears to look like everyone and their dog is producing portable battery packs for mobile devices and Luxa2 are a part of this group, however they are keeping their selves one step ahead of the competition with a range that rivals like no-other.

When I say that Luxa2 are leaps and bounds ahead of everyone else, nothing can prove the point more than the P-Mega – a battery bank with a staggering 41600mAh capacity and six USB ports. Being dubbed as the worlds largest battery bank, it’s not just power capacity that is large. This massive cube offers up three 2A ports for high-speed charging and three 1A ports and this is enough to keep your mobile devices charged fro an entire weekend away. Naturally it does carry a higher price tag in comparison to other battery banks but keep your eyes peeled on eTeknix as I’ll have a review on this Goliath battery bank in the next few weeks.

Now for some people, the P-Mega is just a little overkill, so to cater for a wider audience another pair of units are available with more modest capacities of up to 20800mAh.

Whilst battery banks are convenient, the cables are not and this is where items such as the TX-P1 5000mAh wireless charger comes into play. A number of phones these days such as the Nexus 4 and Nexus 5 have the capability to charge wirelessly and this charging bank is just the item to pair with one of these handsets, especially if like me you hate the bulk of cable that you otherwise have to take around with you.

For those of us who are constantly on the go and would like a little style to go with the functionality, guess what – Luxa2 has you covered with a range of charging packs that can either attach to your handbag, suitcase or briefcase, or give a more rugged feel with a rubber surround. For those that also need it, some products also feature a small LED light on the end to help you find things in your bag – you’ll know if this applies to you!

Moving away from portable charging and onto audio, we have a few new and a few existing items on show starting with the Groovy portable speaker system. Connectable via Bluetooth, the Groovy allows you to not only listen to your music as it should be heard, but with its built-in microphone it can also act as a hands-free speaker system for conference call type applications. Next to this is the Groovy T which has a remarkable low price and requires no setup or connections to be made. By simply placing your phone on to of the speaker, the Groovy T simply amplifies the sound that it picks up and makes audio sharing simple and affordable.

Moving along the line we find a few more speaker systems including the Groovy W which we saw last year at Computex which offers both wireless playback and mobile charging and a simple one tough setup with its NFC enabled technology. Beside this is a smaller unit which is new to this years show – the Groovy W Mini. Like its bigger brother, the W mini also features wireless charging for mobile devices, although it does drop the NFC technology. Instead the W Mini allows you to pair a second W mini to the first to give you a wireless stereo speaker system.

On the far end of the table are some of the mobile and headphone mounts – some of which are new to this years lineup. To the left we find a pair of E-One Note headphone stands which feature an all aluminium design and have a simple, sturdy and stylish design to give your headphones just the place to rest when they’re not in use. On the far end of the lineup is the H5 in-car mount which I took a look at earlier this week, however mounted on the wall is a new and improved model that features a sticky suction cup allowing it to mount to virtually any surface with the same firm grip that the H5 offers.

[youtube]http://youtu.be/uYWEJOGPGdM[/youtube]

Man Buys $27 Worth Of Bitcoins From 2009, Now They’re Worth $886,000

You ever forgot that you had some money in the bank? Or perhaps you found and old wallet with £20 in the back, some change in your pocket when your doing the washing, or maybe a few pennies in your cars ashtray? Of course you have, but that isn’t worth a damn thing compared to what Christopher Koch has done.

In 2009 Bitcoin was relatively new, the coins were cheap and Mr Koch from Norway decided to invest $25 in the digital currency, which back then was enough to grab him 5000 coins. Then he did something interesting, he forgot about them.

Fast forward to the present and Koch was reminded about the coins by a news story and spend nearly a full day trying to recall his password for his digital wallet, naturally you can imagine his face when he saw just how many bit coins he had and how much they’re worth.

He bought 5000, at time of writing they are worth $199.40 each!

He’s cashed in a fifth of his investment and bought himself a lush new apartment in his home town. Now that is what I call a great investment.

Thank you HuffingtonPost for providing us with this information.

Texan Briefly Becomes Worlds First Trillionaire Due To Bank Glitch

Can you image what might happen if you found the almost unimaginable amount of money in your bank account that Reggie Theus did? Four trillion dollars was sitting in Mr Theus’ bank account when he logged into his bank to check his account status, but I can bet he wasn’t expecting four trillion dollars and I certainly bet his face was priceless to say the least.

Of course this was a huge mistake (huge may be somewhat of an understatement in this case) on behalf of the bank who had been credited the unfathomable amount due to a glitch on the banks systems, no doubt much to Mr Theus’ disappointment given that he said he had big plans for the windfall.

Newk’s restaurant area director Reggie Theus was going to be a good guy and pay off the US national debt with three trillion dollar, leaving a trillion to spare which he said would leave him with “enough to live on”.

“Well, I was definitely surprised when I looked in my account and saw that much money in there. I looked it up and there’s never been a trillionaire before. I may be the first ever, so that’s pretty neat to be able to say.” He said.

The funds have been returned and Theus has returned to his day job, but at least he gets to claim the title of the four trillion dollar man!

Thank you Metro for providing us with this information.

Image courtesy of Metro.