New malware goes directly to US ATMs and cash registers for card info

Published time: March 29, 2013 03:02
AFP Photo / Mario Tama


While many consumers already take precautions when shopping online, they may need to start being even more careful - as a new report shows malware is focusing on physical registers and ATMs compromised by attackers looking to harvest card data.

Researchers at the Russia-based security company Group-IB recently discovered malware called “Dump Memory Grabber,” which the company believes has already been used to steal debit and credit card information from customers of major US banks including Chase, Citibank and Capital One, Security Weekly reports.

The malicious code is evidently being installed directly onto point-of-sale (POS) hardware (meaning registers or kiosks) and ATMs, where it harvests and transmits the information read from the magnetic stripes on credit and debit cards, which includes everything from account numbers to first and last names and expiration dates.

And just how are attackers infecting physical systems? Security researchers point to USB drives as the likely culprits, as modern register systems often have accessible ports, as well as direct connections to the Web.

According to Security Weekly, the harvested information can then be used to produce cloned cards, and the attackers are likely succeeding with the help of individuals who have direct access to the POS systems and ATMs, which could include employees.

Group-IB analyzed a video evidently posted by the coder behind Dump Memory Grabber, which includes stolen card numbers, and suggests he (or perhaps she) goes by the name “Wagner Richard,” and is likely inside Russia.

This is of course not the first time that attacks have been directed at physical machines like registers or bank ATMs, though using malware is a stealthier approach than physical “skimmer” ploys, which involve mouldings placed on top of the ATM card slots and keypads that log information from unsuspecting customers.

Researchers with Group-IB believe that Dump Memory Grabber is likely part of a larger cyber-crime gang, a Russian offshoot of the amorphous Anonymous community that includes members in Ukraine and Armenia. In addition to this latest malware, the group is allegedly also for hire to carry out DDoS attacks.

Comments (13)

Anonymous user 09.05.2013 12:52

Really this is a very nice message to protect the malwares from ATM by the cash registers.

Anonymous user 01.04.2013 16:12

We are legion, we do not forget, we do not forgive, expect us. Go write for the alphabet news

Anonymous user 01.04.2013 15:31

"All the crimes Anonymous committed" did not harm the everyday citizen.. Just corrupt officials..
