Wednesday, December 12, 2012

Dexter - infecting a point of sale near you

Breaking news - more action steps to be provided later as I can find/collate/analyze it.

Two links for more information:

Dexter - Draining blood out of Point of Sales

"Dexter" malware steals credit card data from point-of-sale terminals

Dexter is stealing the process list from the infected machine, while parsing memory dumps of specific POS software related processes, looking for Track 1 / Track 2 credit card data. This data will most likely be used by cybercriminals to clone credit cards that were used in the targeted POS system.

Initial action steps recommended:

Check back end servers for unusual outgoing Internet activity. 

Run updated AV deep scans on all equipment in the Credit Card transmit path. (POS terminals, backend, database)

 . . . more forthcoming . . .


Stop using Debit cards (I've said this before).  Credit cards have much better fraud protection and won't cause you to lose your checking/savings account balances overnight if you get hit.

If you have shopped with your credit or debit card at any restaurant or merchant in the last three months, you should carefully check your transaction history for those cards - a good practice to do in any case and even more vital now.