Custom-made malware is infecting POS terminals
Posted on 12.12.2012
A new type of malware aimed at Point-of-Sale (POS) systems has been spotted on machines belonging to big-name retailers, hotels, restaurants, and parking providers located mostly in Northern America and Western Europe.


Dubbed "Dexter" due to a string contained in some of its files, it is still unknown how it infects affected systems.

Seculert researchers shared that over 30 percent of the compromised POS systems use Windows Server editions, which does not point to the usual web-based social engineering or drive-by download infection methods.

According to the researchers, Dexter is custom-made malware that steals the process list from the infected machines, while simultaneously parsing memory dumps of specific POS software related processes in search for Track 1/Track 2 credit card data.

The stolen data is sent to a remote server operated by the criminals, then used to clone credit cards and steal money from the victims' accounts.

"Instead of going through the trouble of infecting tens of thousands of consumer PCs or physically installing a skimmer, an attacker can achieve the same results by targeting just a few POS systems with specially crafted malware," the researchers pointed out the "beauty" of the scheme.






Spotlight

Best practices for ensuring compliance in the age of cloud computing

Here are the major considerations organizations should incorporate into their compliance programs, as well as pitfalls that can be avoided to ensure businesses stay compliant while using cloud computing.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Sep 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //