The Green Sheet, Inc

The Green Sheet Online Edition

August 27, 2012  •  Issue 12:08:02

ThreatMetrix warns of new malware

Sophisticated new malware programs are not only difficult to detect, track and contain, but they also have highly specific targets, said Andreas Baumhof, Chief Technology Officer of ThreatMetrix Inc. As a result, the reputation of electronic devices touted as "malware free" is eroding, and the threat to financial institutions (FIs) and mobile devices is growing, he warned.

An Aug. 9, 2012, report released by ThreatMetrix alerted FIs that a new FI-targeted, peer-to-peer Zeus Trojan malware called Gameover is the "largest financial botnet we've ever seen." The company estimated more than 678,000 computers are infected with Gameover, including computers in 14 of the top 20 Fortune 500 companies.

ThreatMetrix said Gameover, a program that hides in computers and tracks keystrokes, including passwords to accounts accessed online, is the work of a single cyber-crime organization. The malware is spread through fake emails purportedly from legitimate retailers.

A threat to Apple

Gameover is not the only malicious new program out there. A recent ThreatMetrix report detailed how a new criminal malware called Crisis can disrupt, disable and completely take over Apple Inc. Mac computers and lead to "extensive OS X damage and security breaches for OS X users." The malware steals address book information, uploads and downloads files, accesses full file systems, and snoops on webcams, with little chance of being detected.

Baumhof said Crisis is so well hidden and hard to reverse engineer that it represents "a whole new level of sophistication" in malware programming. "Apple has always been known for its virus immunity, but as technology develops very quickly, cyber crime matches the pace," he said. "This is a big jump from what has been seen in the past, and it should make users think twice about protecting themselves against malware on their OS X devices.

"Now that the Apple iOS is much more used, we've seen more and more malware directed at that operating system." Baumhof believes the Crisis malware may have been developed for another purpose before a cyber gang adapted the program to steal data.

Mobile new criminal target

Baumhof said mobile devices are also under attack from cyber criminals. He noted Apple recently removed an app from the App Store after discovering it contained malicious code. At a recent hackers convention, a demonstration showed how to access files on a smart phone by hacking into the near field communication element.

Baumhof said the security software commonly used to protect mobile devices is often unsuccessful against these new forms of malware. "This is a different platform with mobile devices, so the infection vector is different," he said. "The infection can come through common uses like social media. If I get a message, how do I know the link comes from a person who is really a friend? There's no way to find out."

Baumhof recommends that payment professionals pay close attention to what programs and files are being downloaded to computers because criminals are releasing applications that appear legitimate and work as promised, but still contain well hidden, malicious code. "Only click on links you can authenticate," Baumhof advised.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
