PaymentsJournal

Dexter Malware: POS Serial Killer; and More Details on Barnes & Noble Hack

by Mercator Advisory Group
December 13, 2012
in Analysts Coverage

Infosec researchers and fraud threat-detection firm Seculert are reporting that a point-of-sale malware program named Dexter has 200-to-300 active attacks against merchants in 40 countries. Some 42% of attacks are currently happening in North America and 19% in the United Kingdom.

Seculert published a detailed blog entry on its site Tuesday. Infections occurred during the past 2-to-3 months. Fraudsters installed the malware in the systems of “big-name retailers, hotels, restaurants and even private parking providers” running various versions of the Windows operating system, according to the post.

Dexter is stealing the process list from the infected machine, while parsing memory dumps of specific POS software related processes, looking for Track 1 / Track 2 credit card data. This data will most likely be used by cybercriminals to clone credit cards that were used in the targeted POS system.

How POS systems are targeted is yet to be known for sure, but by observing the administration panel of Dexter, Seculert was able to identify that over 30 percent of the targeted POS systems were using Windows Servers. This is an unusual number for regular “web-based social engineering” or “drive-by download” infection methods.

One astute commenter on the blog post asked:

Are the targeted systems POS devices, or back office servers?

I ask, as when I was performing these types of exams, we found RAM scrapers on the back office server…the actual POS devices themselves didn’t run Windows.

If the POS devices are what’s being compromised, that’s interesting…many smaller organizations may have many POS devices, but only one back office server.

How would you think that the bad guy is gaining access to the POS device?

Dark Reading has quotes from Seculert, additional commentary that discusses Seculert’s findings, and more detail on the Barnes & Noble point-of-sale attack.

Remote malware attacks against PoS systems aren’t new, but most PoSes fall victim to physical skimming attacks, where the bad guys rig the devices with sniffers that steal debit- and credit-card information on-site at the stores or other payment machines. Barnes & Noble was the most recent high-profile retailer to get owned by a PIN-pad scam. Rogue PIN pad devices discovered in September at more than 60 Barnes & Noble stores nationwide appeared to be the handiwork of a well-orchestrated financial fraud scheme that rigged just one device at each store.

Barnes & Noble provided few details of the compromise, except that the devices had been tampered with in some way and implanted with “bugs” that allowed the criminals to capture payment card PIN numbers. Security experts speculated that the crime involved physical tampering with the devices. It’s unclear whether that attack is at all related to Dexter, however.
