The first variant of ploutus allowed con artists to connect a keyboard to an infected atm and withdraw money. Kal is a company specialising in atm software for bank atms, selfservice kiosks, and bank branch networks. It comes with a launcher that attempts to identify and kill security monitoring processes to avoid detection. Kal will be speaking about our latest solution, kalignite hypervisor, as. Kals world leading atm software solutions are fully emv compliant.
Features rtm retail teller machine kal atm software. The kalignite upgrade package retains the existing atm peripheral devices but offers the ability to connect. With the move of atms to industrystandard computing environments, concern has risen about the integrity of the atm s software stack. Ktc is an enterprisewide atm management solution that provides a comprehensive range of system management and monitoring features for the worlds most advanced atm networks. Kal was established in 1989 and has been in the selfservice business sector ever since. New variant ploutus malware identified best security search. Another option is windows xp embedded, which microsoft rolled out last week. Once deployed to an atm, ploutusd makes it possible for a money mule to obtain thousands of dollars in minutes. Meet piolin, the first atm malware jackpotting atms in us. To this day, kal remains wholly independent, preferring to seek private funding allowing us to maintain our extensive relationships with hardware vendors, solutions providers and end customers. Banks interested in osvirtualization and kalignite. There are various malwares currently inaction worldwide for example. Kal intros tdes upgrade package for atms atm marketplace. An independent banking selfservice and branch software company.
The atm malware interacts with kals kalignite multivendor atm platform in order to dispense cash. All kal products are multivendor, windowscompliant and conform to the industry xfs standard. Once done, the hacker can gain access to the whole operating system and deploy malicious software or modify atm boot scripts. In the seventh edition of the annual survey, learn what the industry thinks about current trends and future expectations of atm software. However, minimal code change to ploutusd would greatly expand its atm vendor targets since kalignite platform runs on 40 different atm vendors in 80 countries. A small number of deployments may still be running older versions such as windows nt, windows ce or windows 2000. Rachid kabbab smart atm software engineer hps linkedin. It offer banks and other atm owners a lowcost microsoft windows. After the atm is infected you can execute commands to dispense cash using a keyboard.
For atms which are already tripledes compliant but are still running os2, kal offers the kalignite os2to xp upgrade. Ploutus is a threat infection that is used to gather money from automatic teller machines or atms. The k3a atm application includes all of the atm functionality required by the most advanced banks, including a full set of atm transactions. Operating at one tenth of the cost of bank atms, the rtm provides all atm transactions including cashout and cashin but has no cash inside the machine. Dec 11, 2001 the new solution integrates kalignite, kals atm software platform, with netkey manager, a multichannel management solution. Kal delivers the worlds best multivendor software for atms. It supports an extensive range of hardware capabilities. Typically, the lifespan of an atm can be up to ten years. Kal will be speaking about our latest solution, kalignite. This package migrates the atm to windows xp sp2 and incorporates the same hardware and software components as the kalignite triple des upgrade. Taken from the fireyeye report these are the unobserved features of ploutusd. Kalignite hypervisor uses red hat virtualization to decouple the atm pc core from the atm operating system. Kal launches kalignite hypervisor a gamechanger for atm.
Ktc kalignite terminal controller a remote management. Kalignite platform kal atm software atm marketplace. The virus affects atm machines running windows xp, windows 7, windows 8 and 8. Kal supplies its software to major global banks including china construction bank, citibank and unicredit. Kal software supports global security standards and actively works towards improving those standards.
To learn more about osvirtualization, click here to read the whitepaper. Software release notes triton systems page 1 of 5 january 21, 2011 triton systems of delaware, llc software release notes 1. The solution is to run both linux and windows 10 in the same atm. More than six out of 10 atm machines in the country will be running on an obsolete operating system when microsoft pulls the plug on windows xp support on april 8, raising serious security and. Regrettably, this is facilitated by many of these atms still running windows xp.
Kals new kalignite hypervisor, in partnership with red hat, is a gamechanging solution that allows banks to break free from enforced, costly and disruptive atm hardware upgrades. An automated teller machine atm is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, funds transfers, or account information inquiries, at any time and without the need for direct interaction with bank staff atms are known by a variety of names, including automatic teller machine. It features a launcher feature which identifies and kills any security monitoring software that are installed on the devices. Ceb has over 1250 atms now deployed running windows xp and kalignite. Kalignite software platform, k3a kalignite advanced atm application, javascript vanillajs. Xfs, k3a design studio, kal ndc host simulator, kalignite trace viewer, kalignite forms designer, ktc kalignite terminal controller, emv extractor tool, ndc. Partnership with kal, a worldleading atm software solutions provider. Jan, 2017 the keyboard allows them access to the atms software. Nov 10, 2004 for atms which are already tripledes compliant but are still running os2, kal offers the kalignite os2to xp upgrade.
The new solution integrates kalignite, kals atm software platform, with netkey manager, a multichannel management solution. The report reveals kal to be the worlds leading software platform for third party applications, with more than 150,000 atms running kals kalignite platform along with an atm application from. On older hardware, an intel technology called vtx is required inside the cpu so that hypervisors are able to operate efficiently. The kalignite emv kernel runs on the kalignite software platform and provides a fast and reliable method of adding emv level 2 capability to an xfs compliant application. Diebold and hence the name, ploutusd3, this new variant was able to control the multivendor atm software kalignite kal. This package migrates the atm to windows xp sp2 and incorporates the same. This means software drivers that are unsupported under new windows operating system versions can now be supported by the hypervisors software drivers instead. Atm software suite the kalignite software suite integrates with and controls atm networks that vary widely in complexity, size and location from banks with just a small number of atms to huge banks with thousands of atms operating globally. Kal is the worlds leading atm software provider, specialising in solutions for bank atms. Rtms run kal atm software so it is easy for banks to securely deliver retail banking services direct to consumers. Atms running windows xp can be hacked using sticky keys.
Under the agreement, north communications can provide kals kalignite software, which is based on windows nt or windows 2000, as part of norths application offerings. Ktc features include software distribution, realtime monitoring, remote diagnostics, reporting, asset management, marketing campaign management, trouble ticketing. Ploutusd, a new variant of ploutus atm malware spotted in. Here is the description of this software on its website. This gamechanging solution allows financial institutions to break free from costly and disruptive atm hardware and software upgrades required for compliance by decoupling the hardware motherboard from the operating system so that software drivers that are unsupported under. Kal is the worlds leading atm software provider, specialising in. In comparison to the previous version it uses a different gui interface. The first product being brought to market will be kalignite hypervisor.
Kalignite hypervisor is available directly from kal or via the banks own atm solution vendor. If the atm is at the end of its serviceable life, or is diffi. Also, crooks need to connect a keyboard to the atm to get what they want, so machines need to have unsecured ports usb or ps2 so that robbers could do that. This means software drivers that are unsupported under new operating system versions, for example, windows 10 ltscs and sacs, can be supported by the hypervisor software drivers instead on current hardware without needing a hardware upgrade. Kal atm software and ceska sporitelna announced the launch of the first atm running windows 10 on a linux hypervisor kal said its new kalignite hypervisor solution, created under a partnership with red hat, represents a breakthrough solution that allows banks to bypass costly and disruptive atm. The kalignite platform runs on 40 different atm vendors in 80 countries, making the new malware variant a great threat. New variant of ploutus atm malware observed in the wild in. No unsupported software in the atm means no risk of regulatory noncompliance. Services include balance inquiry, bill payment, account transfer, mobile topup and more. China everbright bank deploys kalignite multivendor atm software.
Jan 15, 2017 it uses the kalignite multivendor atm platform. Using ploutus, con artists can force an atm to dispense cash with a simple keystroke. Used tools, technologies and programming languages. Jan 12, 2017 the samples we identified target the atm vendor diebold.
Software developer kal contends that windows ce, an os most commonly used for pdas and other handheld devices, can give retail atm deployers more flexibility and functionality at little added cost. An automated teller machine atm is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, funds transfers, or account information inquiries, at any time and without the need for direct interaction with bank staff. Jul 17, 2007 ceb has provided further proof for banks around the world that multivendor atm software projects can transform their atm network. Kals kalignite helps banks reduce network operating costs, deploy new technology faster, and purchase bestofbreed atm system components. Kals leading position in global atm software confirmed in. The samples we identified target the atm vendor diebold. The two oss are combined using a hypervisor the advantage with linux is that the pccore drivers are supported by red hat linux for the lifetime of the hardware the advantage with windows 10 is that all current atm software will continue to run. Aravinda korala, kal software speaks about revolutionizing atms with kalignite. Protect against atm upgrade disruptions and costs with os. New variant of ploutus atm malware observed in the. Kal and ceska launch first windows 10 atm on linux. Ceb has provided further proof for banks around the world that multivendor atm software projects can transform their atm network. Notable atm software that operates on xfs platforms include triton prism, diebold agilis empower, ncr aptra edge, cr2 bankworld, kal kalignite, phoenix interactive vistaatm, and wincor nixdorf protopas.
The keyboard allows them access to the atm s software. Kals product suite enables atm hardware, software and services sourced from multiple vendors to work together perfectly. Apr 23, 2015 kal software supports global security standards and actively works towards improving those standards. The major target of ploutusd is atms running on the following operating systems.
When conveyed to an atm, ploutusd makes it feasible for a cash donkey to get a large number of dollars in minutes. There are numerous variants in the ploutus family of atm threats. This shows that the attackers likely have access to the targeted atm software. Today the vast majority of atms worldwide use a microsoft os, primarily windows xp professional or windows xp embedded. They can either buy physical atms from authorized resellers, which come preloaded with vendor software, or they could just steal the atms directly from the banks facility. This program is a small working progress, set up as a learning activity for the phoenix webmasters web master. Typical platforms previously used in atm development include rmx or os2. Rtms support customer personalisation, onetoone marketing and advertisements. Software release notes triton systems page 1 of 5 april 10, 2009 triton systems of delaware, inc. However, minimal code change to ploutusd would greatly expand its atm vendor targets since kalignite platform runs on 40 different atm vendors in 80 countries, researchers said. New ploutus atm malware variant at large securityweek.
Kal ceo picks up outstanding service award from atmia at the us atm conference. According to experts, ploutusd can be used effectively against atms running on windows 10, 8, 7, and xp. It could run on atms running the windows 10, windows 8, windows 7 and xp operating systems. We were concerned at having to upgrade our hardware so soon after the xp w7 upgrade and we are really happy that virtualization provides us with an alternative option. Notable atm software that operates on xfs platforms include triton prism, diebold agilis empower, ncr aptra edge, absolute systems absoluteinteract, kal kalignite software platform, phoenix interactive vistaatm, wincor nixdorf protopas, euronet efts and intertech inter atm. China everbright bank deploys kalignite multivendor atm. Most atms will remain on windows xp after microsoft pulls. Marketleading atm software company kal is launching kalignite hypervisor, a gamechanging new product for the retail banking industry that solves the. Atm jackpotting is done by gaining physical access to inner computer system and then installing a malware using a usb pendrive.
First discovered in mexico in 20, the malware requires for the attacker to have physical access to the atm and to connect a keyboard to it. Jackpotting, the wrong type of jackpot uhwo cyber security. Kalignite platform delivers a rich application development and runtime environment for atms, kiosks and branch delivery channels, supporting hundreds of atm models from 40 manufacturers, plus more than 250 offtheshelf hardware devices it supports an extensive range of hardware capabilities, including. Edinburgh, scotland marketleading atm software company kal is launching kalignite hypervisor, a gamechanging new product for the.