These days, consumers are often on the lookout for identity theft scams that may end up compromising many aspects of their finances, but now criminals are doing even more to rip them off, including targeting their banks with malicious software.
A new type of malware that targets point-of-sale systems and ATM card readers known as “Dump Memory Grabber” scans those devices for payment card data and is beginning to infect a large number of the nation’s largest banks, according to a report from SecurityWeek. The list of victims of this new software already includes Chase, Capital One, and Citibank, as well as Union Bank of California. In addition, it seems possible that store-branded credit cards may have also been compromised, because a video of the malware in action, which was posted to a Russian hacker forum, showed a number of Nordstrom’s cards potentially having been exposed.
The malware itself collects data stored in a card reader’s log files, filters the data quickly for credit card information, and then compiles all of it to a simple text file, the report said. That file can in turn be set to download straight to a hacker’s server, or even be sent via email.
Information gathered about the creator of the Dump Memory Grabber malware seems to indicate that he is well-known in the Russian hacking community and has been involved with a large cybercriminal collective — potentially as its administrator — that engages in this type of activity, as well as attacks against a number of well-known security entities, the report said. Further, at least several of the group’s members are also active in Anonymous, and most are younger than 23 years old.
This is certainly not the first type of malware targeted directly at point of sale card readers and ATMs in the last few months, as a program known as “Dexter” may have recently stolen as many as 80,000 credit card numbers from Subway restaurants in 2012, the report said. In all, 42 percent of Dexter infections worldwide were located in the U.S.
The best way consumers can make sure they are not affected by these scams is to pay with cash whenever possible, and also keep close tabs on their financial documents for any suspicious charges that they may not recognize. These may be a sign that an account has been compromised.