SafenSoft presents first public analysis of Ploutus ATM Trojan to Russian banks
Stanislav Shevchenko, chief technology officer at SafenSoft, Russian software developer of information security solutions for businesses, banks and ATMs, will present detailed analysis of the newest and most dangerous ATM Trojan during ATM Security Training on 24 & 25 March at the Mariott Tverskaya hotel in Moscow. An event module called "Ploutus code examination and security recommendations" will include the malicious code implementation investigation, dissecting the process of infection and a review of Ploutus technical details and key features.
Ploutus was first detected in Mexico in September 2013. During the ATMs with missing cash investigation the unknown malicious software was detected in the ATM system. That code had the abilities to disable the antivirus software in the system it infects. It is aimed at the ATM software alone and does not interact with ATM owner's database in any way. It's main feature, however, is the direct and unlimited cash out from the ATM with infected system.
The most important key feature of Ploutus is the ability to disable traditional information security software during the infection phase. Another feature causing problems to the defending side is the ability to self-destruct which makes it very hard to investigate the ATM malfunctions for banks. The largest Ploutus use known to this day is the attack on the ATM network of one of TOP-10 Ukrainian banks in February 2014 when the self-service devices across the whole country were stripped of cash during single weekend.
ATM Security Training will bring together stakeholders from across Russia and CIS region to discuss the latest threats and opportunities. This course covers the full ATM life cycle including: evolution and latest ATM Physical, Fraud and Logical Threats; Overview of Risk Management Approach, Security Strategy, Implementing Controls and Procedures.
March 19, 2014
All news |
Print this page
February 19, 2014
April 11, 2014