Malware in mexican ATM

Forum for analysis and discussion about malware.
User avatar
kekieres
Posts: 10
Joined: Tue Feb 26, 2013 11:48 am

Malware in mexican ATM

Post by kekieres » Wed Oct 02, 2013 5:36 pm

Hi there!

Has anyone noticed that news:
http://www.safensoft.com/archiv/n/774/1778

I haven't been able to locate any info about that malware except only on symantec.
http://www.symantec.com/connect/forums/ploutus-virus

It seems to me that on 04/09/2013 a malware signature was added for "Backdoor.ploutus":
http://www.symantec.com/security_respon ... 2013-09-04

But then removed on on 05/09/2013 according to that link:
ftp://ftp.symantec.com/AVDEFS/symantec_ ... atsnew.txt

:? May be I'm likely not understanding somthing :D

Anyone has some clue whether is it true or not? Any sample?

Regards.

User avatar
EP_X0FF
Global Moderator
Posts: 4811
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Contact:

Re: Malware in mexican ATM

Post by EP_X0FF » Thu Oct 03, 2013 3:19 am

As far as I know the only way it installs is manually from the CD, criminals personally. If the sample wasn't uploaded anywhere I don't think you can get it.
Ring0 - the source of inspiration


User avatar
Xylitol
Global Moderator
Posts: 1670
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Malware in mexican ATM

Post by Xylitol » Fri Oct 11, 2013 3:08 pm

Here we go.
You do not have the required permissions to view the files attached to this post.

bsteo
Posts: 84
Joined: Fri Nov 16, 2012 5:50 pm

Re: Malware in mexican ATM

Post by bsteo » Fri Oct 11, 2013 7:05 pm

Ohoho, Olly in action ;)
Thanks dude!


User avatar
Xylitol
Global Moderator
Posts: 1670
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Malware in mexican ATM

Post by Xylitol » Sun Oct 27, 2013 11:27 am

You do not have the required permissions to view the files attached to this post.

Quads
Posts: 148
Joined: Thu May 06, 2010 10:19 pm
Location: New Zealand

Re: Malware in mexican ATM

Post by Quads » Tue Dec 31, 2013 1:17 am


jgrunz
Posts: 4
Joined: Tue May 29, 2012 9:28 pm

Re: Malware in mexican ATM

Post by jgrunz » Tue Dec 31, 2013 2:37 pm

That article is in reference (I believe) to a talk that was given at 30c3 recently where they discussed some Brazilian ATM malware that was discovered. The talk has been posted to youtube, and you can check it out here: https://www.youtube.com/watch?v=0c08EYv4N5A

Haven't had any luck tracking down a sample, but if anyone has any information I'd certainly be interested.

Aysun
Posts: 6
Joined: Fri Nov 01, 2013 2:01 am

Re: Malware in mexican ATM

Post by Aysun » Wed Jan 01, 2014 11:20 pm

No, I'm looking for a sample too. We can't contact anyone from conference and ask for hash of their sample maybe?

Post Reply