back Back

Metabase Q discovers a new variant of malware targeting Latin American banks

By Pavithra R

March 03, 2021

  • Metabase
  • Mexico

Metabase Q, an analytics-driven cybersecurity company securing Latin American organizations from cyber attacks, has announced its security research division, Ocelot, has discovered a new variant of Ploutus, one of the most sophisticated ATM malware families globally.

Ploutus was discovered for the first time in 2013. It enables criminals to empty ATMs by taking advantage of ATM middleware vulnerabilities via an externally connected device. Since its first discovery, Ploutus has evolved to target various XFS middleware types, focusing on banks across Mexico and Latin America. The new variant, dubbed Ploutus-I, builds upon capabilities of prior strains and is tailored to control ATMs from the Brazilian vendor Itautec. 

Itautec has been connected to other major ATM players over the years. In 2013, the Japanese manufacturer OKI, partnered with Itautec to enter the Brazilian market; subsequently, NCR acquired OKI’s IT services and selected software in Brazil in 2019.

Ploutus-I has always been written in .NET Framework as a method of further obfuscation to avoid signature-based detection and to make the reverse engineering task very challenging.

“Cybercrime is global, but company defenses remain regionally focused. Our goal at Metabase Q is to transform the state of cybersecurity in Latin America from a technological, educational and regulatory perspective. This discovery by Ocelot further demonstrates the state of cybercrime in our region and the caliber of our ATM-focused research team,” said Mauricio Benavides, CEO of Metabase Q.

Cybercriminals in LATAM have gotten significantly more sophisticated, and ATMs remain an insecure vector for many FIs, both from physical and logic-based attacks. This malware’s complexity highlights the evolution of cybercrime in LATAM and the increasing need for a change in companies’ defensive mindset.

Founded in 2017, Metabase Q is a cybersecurity managed services company focused on securing Latin American organizations from cyber attacks. The firm offers custom-designed cybersecurity solutions and services designed to optimally protect companies of various industries and sizes against cyber attacks.

Previous Article

March 03, 2021

additiv teams up with Clarity AI to bring sustainability insights to wealth managers

Read More
Next Article

March 03, 2021

Axis Bank ties up with WhatsApp to launch banking services

Read More

IBSi Daily News Analysis


February 23, 2024


Regulated firms battle surge in financial crime attempts, research reveals

Read More

IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News

February 23, 2024

Prove Identity & TargetData join forces to drive expansion in Brazil

Read More

February 22, 2024

Bud & Fintech Galaxy bring AI-led Open Banking solutions to MENA

Read More

February 21, 2024

Why banking Industry needs to prioritize risk culture reform

Read More

Related Reports

Sales League Table Report 2023
Know More
Global Digital Banking Vendor & Landscape Report Q4 2023
Know More
Wealth Management & Private Banking Systems Report Q4 2023
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q4 2023
Know More

IBSi Sales League Table

The industry acknowledged barometer of global banking technology vendor performance!
Get your copy now!
Get your copy now! IBSi Sales League Table 2023