A new form of malware designed to steal credit card details from point-of-sales systems has been discovered by networking giants Cisco. Named PoSeidon, the threat scrapes information from the transaction completion pages of websites and sends the details onto its servers, which are primarily .ru domains. It is believed the information is then scanned for credit and debit card details before being sold on to organised gangs.
PoSeidon uses a loader binary that can persistently lock onto a targeted machine and stay operational after rebooting. It then connects with a command server to retrieve a URL containing another executable binary, known as FindStr. Finally, it installs a keylogger and scans the system’s memory for number sequences that could be people’s credit card details.
A number of companies have seen their point-of-sales systems hit by cyber criminals in recent years, including the US retailer Target, who had around 40 million credit card numbers stolen as well as the names and addresses of 70 million customers.
This month also saw the emergence of a new form of ransomware known as Trojan.DownLoader11.32458. It is sent to unsuspecting individuals via email as an ‘incoming fax report’ and decrypts files before asking for money.
At Plates PCS, we deal with much more than just computer repairs in Southampton. We are also able to carry out comprehensive virus and spyware scans to remove any threats that may be hiding inside your computer.