The Green Sheet Online Edition

January 14, 2013  •  Issue 13:01:01


New malware infects POS terminals

Seculert, an Israel-based security firm, uncovered powerful new malware that targets POS systems. In a Sept. 11, 2012, blog post, Seculert reported that the so-called Dexter malware has infected hundreds of POS systems in 40 different countries over the last two to three months. Seculert said 42 percent of the infected POS systems are located in North America, with an additional 19 percent of the systems located in the United Kingdom.

Seculert does not know how Dexter targeted POS systems, but did note that over 30 percent of the targeted POS systems were running on servers that use the Microsoft Corp. operating system. Seculert called that percentage unusually high for "regular 'web-based social engineering' or 'drive-by-download' infection methods." According to the security firm, the goal of Dexter is to "steal the process list from the infected machine, while parsing memory dumps of specific POS software related processes, looking for track 1/track 2 credit card data."

Simple but deadly

Josh Grunzweig, Researcher, SpiderLabs at security firm Trustwave, believes Dexter is a common example of malware when viewed at a high level. He said, "It only has three purposes in life - to always be running on the victim machine; to find any card, or track, data in any running program on the victim; and to communicate with the attacker that is controlling it." Grunzweig said Trustwave's SpiderLabs encounters this type of malware all the time in its forensic investigations. What is unique about Dexter is that it communicated with its host over normal communication channels but encoded those communications with what Grunzweig characterized as a custom technique.

"It would send out a message to the attacker, by default, every 5 minutes," Grunzweig said. "It would also check the victim to see if there was any track data in its running programs every 60 seconds. If the malware found track data, it would send it out with the next message to the attacker. This cycle repeated until the malware was uninstalled. It also had the ability to receive commands by the attacker. The attacker had the ability to change those timers I previously mentioned, could download and install additional malware, or could remove Dexter altogether."

Grunzweig added, "It's still unclear exactly how the malware is getting on the machines it infects, but at its core Dexter is really no different from other malware."
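A defender's view of the check-in timer Grunzweig describes, as an added example that is not from the article, Seculert or Trustwave: it flags source/destination pairs in outbound connection records whose request gaps are nearly constant, whatever the period, since the operator can change the default. The log format, host names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample records: "ISO-timestamp source-host destination".
SAMPLE_LOG = """\
2013-01-10T09:00:02 pos-01 203.0.113.10
2013-01-10T09:01:40 pos-02 updates.example.com
2013-01-10T09:03:10 pos-02 updates.example.com
2013-01-10T09:05:01 pos-01 203.0.113.10
2013-01-10T09:10:03 pos-01 203.0.113.10
2013-01-10T09:14:59 pos-01 203.0.113.10
2013-01-10T09:20:02 pos-01 203.0.113.10
2013-01-10T09:22:15 pos-02 updates.example.com
2013-01-10T09:25:00 pos-01 203.0.113.10
2013-01-10T10:47:30 pos-02 updates.example.com
2013-01-10T11:03:05 pos-02 updates.example.com
"""

def parse(log_text):
    """Group request times by (source, destination) pair."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed records
        ts, src, dst = parts
        try:
            flows[(src, dst)].append(datetime.fromisoformat(ts))
        except ValueError:
            continue  # skip records with an unparseable timestamp
    return flows

def find_beacons(log_text, min_events=5, max_jitter=0.1):
    """Return (src, dst, mean_period_seconds) for flows with near-constant gaps."""
    hits = []
    for (src, dst), times in parse(log_text).items():
        if len(times) < min_events:
            continue  # too few events to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: low means machine-like timing, at any period.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((src, dst, round(avg)))
    return hits
```

Measuring regularity instead of matching a fixed 300-second interval keeps the check useful after the timers are changed; deliberately randomized check-ins would need a looser threshold or a different method.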

Security via E2E technology

Mark Bower, Vice President Product Management at enterprise data protection provider Voltage Security Inc., said in a blog post that POS systems are often targeted by fraudsters. "POS systems are often the weak link in the chain and the choice of malware," he wrote. "They should be isolated from other networks, but often are connected. And as a checkout is in constant use, they are less frequently patched and updated and thus vulnerable to all manner of malware compromise. They often store cardholder data."

Bower said end-to-end data encryption (E2E) technology minimizes the risk from fraud schemes like Dexter. E2E technology encrypts payment data when a bankcard is swiped through a POS terminal. "If the POS is breached, the data will be useless to the attacker," he wrote. "The trick is getting it right so that even though the data is protected and secure, it's still compatible to the payment applications in the merchants' systems and in the POS itself."

With E2E technology, data is theoretically protected throughout the lifecycle of the transaction. Bower said merchants' security responsibilities from a Payment Card Industry Data Security Standard perspective are significantly reduced by E2E solutions. "When implemented correctly, this can dramatically reduce the cost of PCI compliance and solve huge risk challenges easily," he noted. "No data, no gold to steal."

Grunzweig urges ISOs and retailers to stay vigilant by "keeping systems up-to-date with the latest patches, ensuring that no default credentials are present on the devices, and really just a defense-in-depth approach will go a long way in ensuring that your systems are not compromised with Dexter, or any other malware for that matter."
