Discovered for the first time in 2013, Ploutus enables criminals to empty ATMs by taking advantage of ATM middleware vulnerabilities via an externally connected device. This new variant, dubbed Ploutus-I, builds upon capabilities of prior strains and is tailored to control ATMs from the Brazilian vendor Itautec. Instances of this variant have been seen in attacks across major banks in the region. Further detail is in the blog published by Ocelot.

Cybercriminals in Latin America have gotten significantly more sophisticated, and ATMs remain an insecure vector for many financial institutions, both from physical and logic-based attacks. This malware's complexity highlights the evolution of cybercrime in Latin America and the increasing need for a change in companies' defensive mindset.

Metabase Q and its security research division, Ocelot, provide holistic cybersecurity services to corporations across Latin America.

"Cybercrime is global, but company defenses remain regionally focused," said Mauricio Benavides, CEO of Metabase Q. "Our goal at Metabase Q is to transform the state of cybersecurity in Latin America from a technological, educational and regulatory perspective. This discovery by Ocelot further demonstrates the state of cybercrime in our region and the caliber of our ATM-focused research team."