Custom-made malware is infecting POS terminals
Posted on 12.12.2012
Bookmark and Share
A new type of malware aimed at Point-of-Sale (POS) systems has been spotted on machines belonging to big-name retailers, hotels, restaurants, and parking providers located mostly in Northern America and Western Europe.


Dubbed "Dexter" due to a string contained in some of its files, it is still unknown how it infects affected systems.

Seculert researchers shared that over 30 percent of the compromised POS systems use Windows Server editions, which does not point to the usual web-based social engineering or drive-by download infection methods.

According to the researchers, Dexter is custom-made malware that steals the process list from the infected machines, while simultaneously parsing memory dumps of specific POS software related processes in search for Track 1/Track 2 credit card data.

The stolen data is sent to a remote server operated by the criminals, then used to clone credit cards and steal money from the victims' accounts.

"Instead of going through the trouble of infecting tens of thousands of consumer PCs or physically installing a skimmer, an attacker can achieve the same results by targeting just a few POS systems with specially crafted malware," the researchers pointed out the "beauty" of the scheme.






Spotlight

Identifying security innovation strategies

Posted on 14 April 2014.  |  Tom Quillin is the Director of Cyber Security Technology and Initiatives at Intel Corporation. In this interview he talks about security innovation, current and future threats.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Apr 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //