Threat Group Cards: A Threat Actor Encyclopedia Archived: 2026-04-06 02:59:15 UTC Home > List all groups > List all tools > List all groups using tool Ploutus Tool: Ploutus Names Ploutus Ploutus ATM Plotus Category Malware Type ATM malware Description (Symantec) According to external sources, the malware is transferred to the ATM by physically inserting a new boot disk into the CD-ROM drive. The boot disk then transfers malware. The criminals created an interface to interact with the ATM software on a compromised ATM, and are therefore able to withdraw all the available money from the containers holding the cash, also known as cassettes. One interesting part to note is that the criminals are also able to read all the information typed by cardholders through the ATM keypad, enabling them to steal the sensitive information without using any external device. Information Malpedia https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fdf897ad-2431-44a2-b3da-b9a3d55d0387 Page 1 of 2 AlienVault OTX Last change to this tool card: 29 December 2022 Download this tool card in JSON format All groups using tool Ploutus Changed Name Country Observed Unknown groups   _[ Interesting malware not linked to an actor yet ]_   1 group listed (0 APT, 0 other, 1 unknown) Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fdf897ad-2431-44a2-b3da-b9a3d55d0387 https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fdf897ad-2431-44a2-b3da-b9a3d55d0387 Page 2 of 2