CONTINUE TO SITE »
or wait 15 seconds

News

Mexican ATMs fall prey to new cyberattack

October 11, 2013

Mexican ATMs have become the target for physically installed malware called "Ploutus."  The malware was designed to take over the ATM at the software level and make it dispense cash on command.

According to a report by The Register, a U.K. publication, many ATMs in Mexico use a readily picked lock that gives thieves easy access to the CD-ROM drive in a machine.

So far the attacks have targeted ATMs at off-premises locations, said Stanislav Shevchenko, chief technology officer at SafenSoft, a Russian developer of software for self-service devices.

As described by SafenSoft, the attack begins when criminals acquire access to the ATM's CD-ROM drive and insert a new boot CD into it. Ploutus malware files are then uploaded into the ATM system, along with disabling anti-virus software.

After the installation, the fraudster activates Ploutus by pressing a special combination of function keys. From that point, the ATM will accept commands from an external keyboard that cause the ATM to dispense.

According to SafenSoft, there are two ways to prevent the installation of the Ploutus malware: 1) disable external storage devices, which is not always possible; and 2) employ specialized protective software that prevents modifications to the ATM operating system, and that uses a self-defense mechanism to prevent it from being disabled outside of normal procedures.

The emergence of new malware with ability to directly extract cash from ATMs is a very alarming sign for self-service device security, said Shevchenko. He said that such malware allows cybercriminals to skip the risky cash withdrawal process required by traditional ATM trojans and skimmers that steal card information.

Additionally, by spreading malware in this way, criminals can easily bypass standard antivirus-based protection on an ATM. If that Trojan becomes widely distributed at any bank without specialized protection software on its ATMs, the FI will have hard times ahead, he said.

Read more about security.

Related Media

Software
Top 10 ATM software solutions
Software
Examining the past, present and future of XFS
Commentary
ATM features: 5 to include
Special Report
2024/25 ATM & Self-Service Software Trends
Presented by KAL ATM Software GmbH
Recent Posts
Eurasian Bank selects Diebold Nixdorf's self-service software
First National Bank to open 30 branches
Replacing the ATM: Pros and cons of new vs. remanufactured
Romanian man arrested for alleged cash trapping ATM scheme
Chase partners with The Points Guy for Make-A-Wish sweepstakes


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'