According to researchers – In 2013, they detected a malware named Backdoor. Ploutus, installed on ATMs in Mexico, which is designed to rob a certain type of standalone ATM with just the text messages. To install the malware into ATMs machines, hacker must connect the ATM to a mobile phone via USB tethering and then to initiate a shared Internet connection, which then can be used to send specific SMS commands to the phone attached or hardwired inside the ATM. How it is Possible ?
Connect a mobile phone to the machine with a USB cable and install Ploutus Malware. The attacker sends two SMS messages to the mobile phone inside the AT
SMS 1 contains a valid activation ID to activate the malware. SMS 2 contains a valid dispense command to get the money out.
Mobile attached inside the ATM detects valid incoming SMS messages and forwards them to the ATM as a TCP or UDP packet. Network packet monitor (NPM) module coded in the malware receives the TCP/UDP packet and if it contains a valid command, it will execute Ploutus Amount for Cash withdrawal is pre-configured inside the malware Finally, the hacker can collect cash from the hacked ATM machine. Researchers have detected few more advanced variants of this malware, some attempts to steal customer card and PIN data, while others attempt man-in-the-middle attacks. This malware is now spreading to other countries, so you are recommended to pay extra attention and remain cautious while using an ATM.
