Malware steals more than 2.6 million card data in commercial systems

A malware campaign has stolen more than 2.3 million credit card and debit card information from at least 2,600 commercial store systems in Brazil, according to information from the Tempest threat intelligence team.

The malware was intended for capturing data from payment cards transacted in point of sale (POS) systems on commerce computers (TEFs). "Analyzing these servers, we understand that this operation was controlled by at least 10 different operators," says Ricardo Ulisses, head of the team.

Amazon invests $ 575 million in Deliveroo, Uber’s rival delivery company

So far, according to Tempest, the operation was discovered before damages occurred with customers as there is no evidence of fraud or leaking of the data that was stolen. Banks, class entities and other members of the security community have already been notified about the problem to avoid future disorders.

The company also says that although it is not possible to say how the malware was installed in the machines, the blow is simple and low in complexity. The virus has three main generic functions: create persistence at the start of the operating system, monitor the records made by the victim through the keyboard of the infected computer and monitor processes of interest, especially in relation to POS software.

Analyzing the source code of the application, the company found a registry of systems infected by malware with information about the victim's computer, such as the machine name and username that was logged in at the time of infection.

Data affected by the malware has already been identified and intercepted, but the passwords have not yet been captured.

About Emmanuel

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

0 Comments:

Post a Comment

Your comment and facebook share will be appreciated