Researcher discovers new malware targeting payment systems




Security researcher Nick Hoffman, who focuses on reverse engineering, has discovered a new malware variant that targets payment systems. The Getmypass malware focuses on extracting credit card data from RAM.

The malware is a so-called RAM scraper, which checks the memory of, for example, a payment terminal for the presence of credit card information. Getmypass then checks the collected data for relevant data and stores it encrypted.

According to Hoffman, Getmypass is not yet complete: the malware is still missing several parts, for example an essential module for receiving commands from the attackers via a so-called command-and-control server. The ability to send the collected credit card information from a local log file is also not yet present. The malicious code was able to remain undetected by 55 virus scanners when tested on the VirusTotal site, and it carries a certificate from the firm ‘Bargaining active’ in order to pass itself off as legitimate software.

Although the malware has enough parts to be useful to criminals, Hoffman argues that the early code of Getmypass is interesting to study. It lets researchers examine how such malware is expanded and how the builders of such malware apply new techniques.

So-called point-of-sale malware is a particular problem in the United States, thanks to the popularity of credit cards and outdated security mechanisms. Earlier this year it was announced that 70 million credit card details were stolen from the US retailer Target by hackers through the company's payment system.
