Ploutos_and_ploutus

They were speaking over the phone while doing this it

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: h of July of 2013. This suggests that this malware is under active development. Another remarkable research was conducted by Barnaby Jack and presented at Black Hat 2010. He was able to hack ATMs from Tranax and Triton, getting complete control of the device and being able to cash out. However no malware exploiting these vulnerabilities has been found in the wild. Ploutus/Ploutos is the third malware targeting ATMs, in this case affecting only NCR devices. Campaign details According to external researchers the malware was uploaded to ATMs using their CD- ROMs, apparently by picking a lock. The Mexican police arrested 2 Venezuelan suspects based in Mexico and related to this case. The arrest was made last August 24th , before the information about the malware was made public Figure 1: Arrested suspects The suspects were arrested while stealing 426,000 pesos from an ATM. The employees in the store where the ATM was, observed how they were able to get the money without using any card. They were speaking over the phone while doing this. It is not the first time that an ATM Venezuelan gang operates in Mexico, there are references from 2006, in this case use social engineering. The number of ATM affected and the amount of stolen money remains unknown. TLP: Green 5 First version: Ploutos The first version of “Ploutus” was detected in Mexico in September 2013. Apparently the malware was installed by getting physical access to the ATM CD- ROM. The malware’s main functionality is to cash out mon...
View Full Document

Ask a homework question - tutors are online