A malware that had been discovered in ATMs in Mexico has improved and translated into English, suggesting that it can be used elsewhere, according to the security company Symantec.
There are two versions of malware Ploutus. Both as we had published were previously built to empty ATMs.
Unlike most malware, to Ploutus can be installed in a quite old fashioned way: with a startup CD in the ATM system running Microsoft Windows. The installation method suggests that cyber criminals are targeting autonomously ATMs where access is easier.
Ploutus displays a graphical user interface, which helps him hacker να περάσει μια αριθμητική ακολουθία στο πληκτρολόγιο του ΑΤΜ και έτσι το malware can be controlled by a keyboard, said o Daniel Regalado, a malware analyzer for her Symantec.
Kevin Haley, director of Symantec Security Response, said in an interview earlier this month that attackers have a deep understanding of software and hardware used in ATMs.
The Ploutus source code "contains Spanish operating names and bad English grammar indicating that malware has been encoded by Spanish-language developers," Regalado says.
But with a new release, Regalado reported that Ploutus became much more powerful and translated into English, indicating that the same malware could be exploited in other countries than Mexico.
Symantec has already informed those who are programming the ATMs to change the boot order in the BIOS and to boot only from the hard disk and not from CD, DVD or USB sticks. It BIOS as also reported by the security company should be password protected.
Η Symantec has published a video showing the different ways to exploit malware.
Watch this