Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fresh POS Malicious Program Called Decibel Found Within Scripting Language VBScript

IntelCrawler, IT Security Company has reported that its researchers found one fresh malicious program nicknamed 'Decebal' which is created for seizing data stored on POS (point-of-sale) machines. To write this program, its perpetrators used VBScript, a computer language being actively used and which is based on Microsoft developed Visual Basic.

Malicious software created for attacking POS systems has gotten increasingly widespread, while the latest assaults have been attacking Neiman Marcus, Target along with other American retail companies.

According to Chief Executive Officer Andrew Komarov of IntelCrawler, con artists planted Decebal onto compromised servers as well as camouflaged it to appear like a VBScript written program, one of the many scripts and tools continuously developed, to aid system administrators of Windows, after writing them in VBScript, reported SCMagazine.com in news on January 16, 2014.

The CEO added that IntelCrawler merely noticed Decebal on a hijacked online system, yet there were really all options open for pulling tracks out of RAM just like BlackPOS, Alina or Dexter, all RAM-scraping malicious programs do, however, the threat is extremely small, portable as well as script-based.

More intriguingly, Decebal can find out whether any reverse engineering alternatively sandboxing computer program is running on the system it is planted. The threat also substantiates credit or debit card numbers, steals them and subsequently transmits the same onto its command-and-control system.

Different text strings observed within Decebal's code indicate that possibly Romanian cyber criminals created it, as the name is after the Dacian king of Romania Decebalus, state the researchers of IntelCrawler. CIO reported this in news on January 17, 2014.

Agreeing with IntelCrawler's analysis about Decebal's source, Senior E-Threat Analyst Bogdan Botezatu of BitDefender the anti-virus company located in Romania said that the majority of activities, names and strings depict Romanian phrases therefore the possibility that some Romanian wrote the malware remains. CIO published this in news on January 17, 2014.

Disclosing further, the security company stated that no VirusTotal (VT) anti-virus engine could identify the malware as on 17th January 2014 and the malware neither changed since 12th January when it was first checked via VT.

» SPAMfighter News - 1/28/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page