A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #21033  by kekieres
 Wed Oct 02, 2013 5:36 pm
Hi there!

Has anyone noticed this news:
http://www.safensoft.com/archiv/n/774/1778

I haven't been able to locate any info about that malware except on Symantec.
http://www.symantec.com/connect/forums/ploutus-virus

It seems to me that on 04/09/2013 a malware signature was added for "Backdoor.ploutus":
http://www.symantec.com/security_respon ... 2013-09-04

But then removed on 05/09/2013 according to that link:
ftp://ftp.symantec.com/AVDEFS/symantec_ ... atsnew.txt

:? Maybe I'm likely not understanding something :D

Does anyone have a clue whether it is true or not? Any sample?

Regards.
 #21038  by EP_X0FF
 Thu Oct 03, 2013 3:19 am
As far as I know, the only way it installs is manually from the CD, by the criminals personally. If the sample wasn't uploaded anywhere, I don't think you can get it.
 #21827  by jgrunz
 Tue Dec 31, 2013 2:37 pm
That article is in reference (I believe) to a talk that was given at 30c3 recently where they discussed some Brazilian ATM malware that was discovered. The talk has been posted to YouTube, and you can check it out here: https://www.youtube.com/watch?v=0c08EYv4N5A

Haven't had any luck tracking down a sample, but if anyone has any information I'd certainly be interested.
 #21838  by Aysun
 Wed Jan 01, 2014 11:20 pm
No, I'm looking for a sample too. Can't we contact someone from the conference and ask for the hash of their sample, maybe?