Ploutus

Description

(Symantec) According to external sources, the malware is transferred to the ATM by physically inserting a new boot disk into the CD-ROM drive. The boot disk then transfers malware.

The criminals created an interface to interact with the ATM software on a compromised ATM, and are therefore able to withdraw all the available money from the containers holding the cash, also known as cassettes.

One interesting part to note is that the criminals are also able to read all the information typed by cardholders through the ATM keypad, enabling them to steal the sensitive information without using any external device.

Names

Name
Ploutus
Ploutus ATM
Plotus

Type

ATM malware

Information

https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=4274cb7f-d65d-4928-bdf4-0275eedc80d2&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=54602160-07ea-4dbb-8794-14725ea4c8ba&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
https://www.fireeye.com/blog/threat-research/2017/01/new_ploutus_variant.html
http://antonioparata.blogspot.co.uk/2018/02/analyzing-nasty-net-protection-of.html
https://documents.trendmicro.com/assets/white_papers/wp-cashing-in-on-atm-malware.pdf

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.ploutus_atm

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:ploutus

Other Information

Uuid

fdf897ad-2431-44a2-b3da-b9a3d55d0387

Last Card Change

2022-12-29

Threat Intelligence Garden

Explorer

Ploutus

Ploutus

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks