CERT-India (the nodal department that protects Indian cyberspace and software infrastructure against destructive and hacking activities), which is responsible for India's cyber security, has detected a Trojan targeting online debit/credit card transactions at retailers' counters. The Trojan, named “DEXTER”, steals private debit/credit card information when a card is swiped at the shopping counters of retail stores.
The Trojan was detected while conducting its covert operation on PoS (Point of Sale) terminals at the shopping counters of retail shops. Under RBI guidelines, a PIN has been mandatory for every debit/credit card purchase since last December.
The Trojan works as a “memory dump and grabber”: when a card is swiped on an infected machine, it grabs the card information and dumps the memory after the theft. The Trojan acquires seven aliases once it has successfully breached the security protocols of a PoS terminal. It steals confidential data such as the cardholder’s name, expiration date, CVV code, account number and other transactional data from the card, which can lead to phishing attacks on the account later.
"The malware has routines to collect and parse personal sensitive information from the running processes in memory by enumerating the PoS related processes and has procedure to exfiltrate directly without interim storing in the hard disk," the advisory said.
"The common infection vectors for PoS system malwares includes phishing emails or social engineering techniques to deliver the malware, use of default or weak credentials, unauthorised access, open wireless networks along with the methods of installing malware as a part of service,"
This is from the latest advisory issued to the public by the Computer Emergency Response Team (CERT-India).
The Trojan is so potent and stealthy that, after grabbing information from the machine, it exits without leaving any trace of its existence on the infected machine.
“While customers should be vigilant about their debit and credit card activities when swiping at sale counters, PoS terminals should also firm up their defence mechanisms so that their systems are not compromised,” said a senior official working in the counter-cyber attacks department.
The agency has given some instructions against malware attacks:
"Keep all PoS computers thoroughly updated including PoS application software, restrict access on PoS systems to PoS related activities only, ensure the networks where the PoS systems reside are properly segmented from non-payment network and restrictive policies on usage should be deployed and enforced,"
"maintain good security policy on the PoS computers (including physical access), disable autorun or autoplay, install and scan anti-malware engines and keep them up-to-date and exercise caution while visiting links within emails received from untrusted users or unexpectedly received from trusted users while also enabling firewall at desktop and gateway level."
the agency recommended.
With the growth of advanced payment systems, these types of attacks have become normal, because everyone now wants to step up and wants technology to make things easy for them. By following the above precautions, retail stores can maintain their security against the Trojan.