Malware in mexican ATM

Forum for analysis and discussion about malware.

Malware in mexican ATM

Postby kekieres » Wed Oct 02, 2013 5:36 pm

Hi there!

Has anyone noticed that news:
http://www.safensoft.com/archiv/n/774/1778

I haven't been able to locate any info about that malware except only on symantec.
http://www.symantec.com/connect/forums/ploutus-virus

It seems to me that on 04/09/2013 a malware signature was added for "Backdoor.ploutus":
http://www.symantec.com/security_respon ... 2013-09-04

But then removed on on 05/09/2013 according to that link:
ftp://ftp.symantec.com/AVDEFS/symantec_ ... atsnew.txt

:? May be I'm likely not understanding somthing :D

Anyone has some clue whether is it true or not? Any sample?

Regards.
User avatar
kekieres
 
Posts: 10
Joined: Tue Feb 26, 2013 11:48 am
Reputation point: 0

Re: Malware in mexican ATM

Postby EP_X0FF » Thu Oct 03, 2013 3:19 am

As far as I know the only way it installs is manually from the CD, criminals personally. If the sample wasn't uploaded anywhere I don't think you can get it.
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 4744
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 560


Re: Malware in mexican ATM

Postby Xylitol » Fri Oct 11, 2013 3:08 pm

Here we go.
You do not have the required permissions to view the files attached to this post.
User avatar
Xylitol
Global Moderator
 
Posts: 1618
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Reputation point: 479

Re: Malware in mexican ATM

Postby bsteo » Fri Oct 11, 2013 7:05 pm

Ohoho, Olly in action ;)
Thanks dude!
bsteo
 
Posts: 84
Joined: Fri Nov 16, 2012 5:50 pm
Reputation point: 12

Re: Malware in mexican ATM

Postby teddybear » Sat Oct 26, 2013 2:27 pm

User avatar
teddybear
 
Posts: 16
Joined: Tue Sep 24, 2013 11:06 am
Reputation point: 2

Re: Malware in mexican ATM

Postby Xylitol » Sun Oct 27, 2013 11:27 am

You do not have the required permissions to view the files attached to this post.
User avatar
Xylitol
Global Moderator
 
Posts: 1618
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Reputation point: 479

Re: Malware in mexican ATM

Postby Quads » Tue Dec 31, 2013 1:17 am

Quads
 
Posts: 148
Joined: Thu May 06, 2010 10:19 pm
Location: New Zealand
Reputation point: 22

Re: Malware in mexican ATM

Postby jgrunz » Tue Dec 31, 2013 2:37 pm

That article is in reference (I believe) to a talk that was given at 30c3 recently where they discussed some Brazilian ATM malware that was discovered. The talk has been posted to youtube, and you can check it out here: https://www.youtube.com/watch?v=0c08EYv4N5A

Haven't had any luck tracking down a sample, but if anyone has any information I'd certainly be interested.
jgrunz
 
Posts: 4
Joined: Tue May 29, 2012 9:28 pm
Reputation point: 0

Re: Malware in mexican ATM

Postby Aysun » Wed Jan 01, 2014 11:20 pm

No, I'm looking for a sample too. We can't contact anyone from conference and ask for hash of their sample maybe?
Aysun
 
Posts: 6
Joined: Fri Nov 01, 2013 2:01 am
Reputation point: 1

Next

Return to Malware

Who is online

Users browsing this forum: No registered users and 4 guests