News

Mexican ATM malware could be US-bound

October 28, 2013

An Oct. 25 post to the official Symantec blog said the security company has verified a new strain of the Ploutus malware that was recently used to attack ATMs in Mexico. The new variant has been improved and translated into English, which could mean that it is migrating beyond Latin America, Symantec said.

Ploutus malware was discovered last month in Mexico; the program enables criminals to send a command through the infected ATM's keyboard that causes the machine to dispense all of its funds at once.

Reportedly, criminals have been able to introduce the malware to machines by physically inserting a new boot disk into the machine's CD-ROM drive. The boot disk then Ploutus malware to the machine. The drive is accessible due to an easily picked lock on the machine.

The Symantec blog outlines the details of the attack and the safeguards and best practices deployers can employ to prevent introduction of the Ploutus code. The blog also warns deployers about the increasing sophistication of ATM attacks:

This discovery underlines the increasing level of cooperation between traditional physical world criminals with hackers and cybercriminals. With the ever increasing use of technology in all aspects of security, traditional criminals are realizing that to carry out successful heists, they now require another set of skills that wasn't required in the past. The modern day bank robbers now need skilled IT practitioners on their team to help them carry out their heists. This type of thing isn't just happening in films, it’s happening in real life ...

Read more about security.