ATMs and point-of-sale (POS) systems have been a target for many cybercriminal groups over the past several years resulting in some of the largest card breaches and money heists in history. While attackers have various ways to break into these machines, researchers now warn that vulnerabilities in the drivers they contain could enable more persistent and damaging attacks.
Researchers from Eclypsium, a company that specializes in device security, have evaluted the security of device drivers, the programs that allow applications to talk to a system’s hardware components and leverage their capabilities. Over the past year, their research project, dubbed Screwed Drivers, has identified vulnerabilities and design flaws in 40 Windows drivers from at least 20 different hardware vendors, highlighting widespread issues with this attack surface.
