New Ploutus ATM Malware Variant at Large

  • 12 January 2017

By Ionut Arghire on January 12, 2017

A new variant of the Ploutus ATM (automated teller machine) malware was recently observed, capable of interacting with KAL’s Kalignite multivendor ATM platform, FireEye security researchers warn.
 
Dubbed Ploutus-D, the new variant is targeting machines from ATM vendor Diebold, but FireEye says that the list of targets could greatly expand with only a few code changes. The Kalignite Platform runs on 40 different ATM vendors in 80 countries, making the new malware variant a great threat.
 
Full Article

5 replies

Would be interesting to know what OS the ATMs susceptible to this nasty are in fact running, and when the ATM manufacturers are going to go to the trouble of upgrading their software to run on more secure ones. :@
@ wrote:
Would be interesting to know what OS the ATMs susceptible to this nasty are in fact running, and when the ATM manufacturers are going to go to the trouble of upgrading their software to run on more secure ones. :@
"Ploutus-D can run on ATMs running Windows 10, Windows 8, Windows 7 and XP"
 
-Dan
Well, that is interesting to know...thanks for clarifying...but surely running on a newer OS will not be as easy as running on an older, inherently less secure one?  :D
@ wrote:
Well, that is interesting to know...thanks for clarifying...but surely running on a newer OS will not be as easy as running on an older, inherently less secure one?  :D
In this case it does not matter which OS it is running on since an attacker needs physical access to the ATM in order to install and interact with the malware.
 
The blog post that the article linked in the OP was based on provides more detailed technical information:
https://www.fireeye.com/blog/threat-research/2017/01/new_ploutus_variant.html
 
 
-Dan
Cheers, Dan...very interesting. Much obliged.
 
Baldrick
