Posts Tagged ‘Dexter malware’

Seculert’s experts have found specialized malware that steals bank card details from point-of-sale terminals running Windows.

The malware, named Dexter, injects itself into the system process iexplore.exe and restarts that process if it is terminated by hand. It then builds a list of active processes, determines the accessible memory regions of each one, reads them into a local buffer using ReadProcessMemory, and parses the resulting dump, looking for information to copy and send out.

According to a Kaspersky Lab blog post, Dexter is interested in track 1 and track 2 data from plastic cards: the owner’s name, expiration date and card number, including the issuer code, the class and type of card, the account number and, sometimes, the country code. This information is sufficient to produce a counterfeit card.

Experts from the Israeli IT security company Seculert have reported the discovery of an unusual virus that in recent months has infected POS terminals in 40 countries.

The virus, named after a string found in some of its components, steals cardholder data passing through the infected terminal. According to the experts, data on tens of thousands of credit and debit cards has been stolen so far.

The Dexter virus infects POS terminals running Windows in the stores of large retailers, as well as in hotels, restaurants and even the offices of private car parks. The first Dexter samples were found during research into other threats. While analyzing the virus, the experts were able to gain access to its management (command-and-control) server, which is located in the Seychelles. The stolen bank card data was sent to this server.

In addition to payment card information, Dexter sends the management server a list of the processes running on the affected system. After receiving the list, the cybercriminals check the processes against a particular set of POS programs. If any of the processes corresponds to specific software, the operators of the virus instruct it to capture that memory and transmit the image to the management server.
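The behaviour both excerpts describe (code inside iexplore.exe walking the process list and reading each process's memory with ReadProcessMemory) leaves a recognisable trail in process-access telemetry. The following is an added detection sketch, not code from Seculert, Kaspersky Lab or the original posts. It assumes events shaped like Sysmon Event ID 10 records (`SourceImage`, `TargetImage`, `GrantedAccess`); the integer `time` field, the file paths, the thresholds and the `allowlist` parameter are assumptions made for illustration.

```python
from collections import defaultdict

PROCESS_VM_READ = 0x0010  # access right a caller needs for ReadProcessMemory


def find_memory_sweepers(events, min_targets=4, window=60, allowlist=()):
    """Flag source images that open at least `min_targets` distinct processes
    with PROCESS_VM_READ inside any `window`-second span.
    Returns {source_image: sorted list of target images}."""
    reads = defaultdict(list)
    for e in events:
        src, dst = e["SourceImage"].lower(), e["TargetImage"].lower()
        if src == dst or src in allowlist:
            continue
        if int(e["GrantedAccess"], 16) & PROCESS_VM_READ:
            reads[src].append((e["time"], dst))

    flagged = {}
    for src, hits in reads.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans <= `window` seconds.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            targets = {dst for _, dst in hits[start:end + 1]}
            if len(targets) >= min_targets:
                flagged.setdefault(src, set()).update(targets)
    return {src: sorted(t) for src, t in flagged.items()}


def ev(t, src, dst, access):
    return {"time": t, "SourceImage": src, "TargetImage": dst, "GrantedAccess": access}


# Constructed sample telemetry (not captured from a real host).
IEXPLORE = r"C:\Program Files\Internet Explorer\iexplore.exe"
NAMES = ["pos_client.exe", "svchost.exe", "explorer.exe", "spoolsv.exe", "backoffice.exe"]
SAMPLE_EVENTS = (
    # iexplore.exe opening five processes for memory reads within five seconds
    [ev(100 + i, IEXPLORE, "C:\\apps\\" + n, "0x0410") for i, n in enumerate(NAMES)]
    # Task Manager querying the same processes without the VM_READ right
    + [ev(100 + i, r"C:\Windows\System32\taskmgr.exe", "C:\\apps\\" + n, "0x1000")
       for i, n in enumerate(NAMES)]
    # A debugger with full access to a single process: below the threshold
    + [ev(500, r"C:\tools\debugger.exe", r"C:\apps\pos_client.exe", "0x1fffff")]
)

if __name__ == "__main__":
    for src, targets in find_memory_sweepers(SAMPLE_EVENTS).items():
        print(f"ALERT {src} read memory of {len(targets)} processes: {targets}")
```

On a POS terminal a browser has no reason to hold memory-read handles to other processes, so the threshold can be set low; legitimate readers such as endpoint protection agents belong in `allowlist`.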