Seculert researchers are warning of new malware called Dexter, which specifically targets point-of-sale (POS) systems.
“Dexter is custom-made malware that has been used over the 2-3 months to infect hundreds POS systems,” Seculert CTO Aviv Raff wrote in a blog post. “Some of the targeted POS systems include big-name retailers, hotels, restaurants and even private parking providers.”
“The company’s researchers found a sample of the Dexter malware while investigating other threats, [Raff] said Tuesday,” writes Computerworld’s Lucian Constantin. “After analyzing it, they were able to gain access to a command and control (C&C) server hosted in the Republic of Seychelles, where the malware uploaded the stolen payment card data, he said.”
“Businesses infected in the past three months are located in 40 different countries, with 30 percent of those compromised located in the US, 19 percent in the UK, and nine percent in Canada,” writes Ars Technica’s Dan Goodin. “Malware that infects point-of-sale terminals can be one of the most efficient ways to carry out payment card fraud because it targets machines with access to large amounts of the required data.”
“Named from a string of text inside of itself, Dexter’s method of infection remains a mystery,” writes TechNewsDaily’s Ben Weitzenkorn. “It’s unlikely that POS machines would become infected via drive-by download, phishing scam or something similar as those devices are not used to surf the Web.”