Hackers can now force ATM machines in Pakistan to release cash without using bank cards or customer details, after a new type of malware began spreading globally. The threat, known as “Ploutus”, allows criminals to take control of ATMs once they gain physical access to the machines. Banks across the country have been warned to tighten security immediately.
An advisory issued by 1LINK has been shared with all scheduled banks in Pakistan, alerting them to the growing risk.
Ploutus does not steal money from customer accounts. Instead, it takes control of the ATM itself. Once hackers gain physical access to the machine, they install the malware directly onto its system. After that, the ATM can be forced to dispense cash without using cards, PINs, or bank approval.
While earlier forms of ATM malware existed, Ploutus stands out because it can be adapted for different ATM brands with minimal effort. This means machines from multiple manufacturers could be vulnerable if security controls are weak or outdated.
Banks have been advised to watch for both digital and physical warning signs. These include:
To reduce the risk, banks have been urged to improve security at multiple levels:
Stronger locks, sensors, cameras, and closer monitoring of ATM access.
Encryption of hard drives, checks on system integrity, and automatic shutdowns if suspicious activity is detected.
Blocking USB ports and external devices by default and allowing access only to approved personnel.
Limiting network connections to trusted systems and watching for unusual activity.
Keeping detailed records of system changes and regularly reviewing ATM activity.