Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
  • Go

McAfee Identifies Fresh Trojan that Attacked POS Systems

One fresh PC Trojan that can seize debit/credit card information by infecting POS (point-of-sale) machines, of late, has been exposed, state investigators from McAfee the security company.

Chintan Shah, Security Researcher at McAfee says that the Trojan named vSkimmer targets Windows PCs to which readers of credit or debit cards are hooked. PCWorld published this in news on March 24, 2013.

Indeed it was on 13th February 2013 that the sensor network of McAfee first spotted the malicious program. Presently it's getting promoted on websites designed for cyber-criminals and described as more advanced compared to Dexter, also one point-of-sale malware which security researchers uncovered during December 2012.

To work, when vSkimmer is planted onto a target PC, it collects details regarding the computer's operating system along with its version, exclusive Globally Unique Identifier (GUID), active username, hostname, and default language. These details are then transmitted onto the Trojan attackers' C&C (command-and-control) system after encrypting them, following HTTP requests. The attackers utilize the information for monitoring individually contaminated systems. Thereafter, the server is expected for sending a command to the malware that waits for the former's "upd" (update) or "dlx" (download and execute) instruction.

Moreover, vSkimmer hunts for each and every active process' memory from the PC it contaminates, but spares ones that are white-list hard-coded, to garner info which corresponds with a particular model. It then digs at Track 2 date of payment cards that comprise card number, its Card Verification Value (CVV), and date of expiry.

An even more fascinating aspect regarding vSkimmer involves its ability to function despite no Internet connection on the system. For that it hangs around till somebody inserts a Universal Serial Bus stick tagged KARTOXA007 after which it copies the entire data from that device.

Elaborating on this feature, Messaging Data Architect, Adam Wosotowsky of McAfee Labs conjectures about cyber-attackers who possibly began infecting computers using 'vSkimmer' through USB sticks. Apparently, for USB infections, there should be an inside task alternatively secret scam, such as communicating with employees to let one access the computers, the expert adds. Scmagazine.com published this dated March 22, 2013.

Related article: McAfee Slams Microsoft over Vista Security

» SPAMfighter News - 01-04-2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next