December 9, 2013

Dexter POS malware infections on the rise

Security researchers detected three separate variants of the Dexter malware, called Stardust, Millenium, and Revelation.

By CBR Staff Writer

Researchers have warned that three different variants of the Dexter point of sale (POS) malware are on the loose during the ongoing holiday season, aimed at pinching credit and debit card information from innocent consumers.

According to security firm Arbor Networks, two servers are reportedly being hosted to collect data taken from PoS systems by variants of the Dexter malware and a similar threat known as Project Hook.

Security researchers detected three separate variants of the Dexter malware, called Stardust, Millenium, and Revelation, with the first being developed in November 2012 by researchers from Seculert.

Dexter and Project Hook are aimed at pinching the Track 1 and Track 2 information stored on the magnetic stripes of payment cards when transactions are carried out on affected PoS terminals; the information gained would allow the cards to be cloned.

The security firm said in a statement that the exact method of compromise is not currently known; however, POS systems suffer from the same security challenges as any other Windows-based deployment.

"Network and host-based vulnerabilities (such as default or weak credentials accessible over Remote Desktop and open wireless networks that include a POS machine), misuse, social engineering and physical access are likely candidates for infection.

"Additionally, potential brittleness and obvious criticality of PoS systems may be a factor in the reportedly slow patch deployment process on PoS machines, which increases risk. Smaller businesses are likely an easier target due to reduced security."

Researchers claim that the malware would mainly hit smaller businesses due to reduced security.

"While the attackers may receive less card data from smaller retailers, infections may be more numerous and last longer due to the lack of security reporting and security staff in such environments," the security firm added.

Researchers suggested that consumers can prevent the issue by bolstering their network with broad restrictions on incoming connections to remote desktop systems, and by increasing the distance between wireless networks and the POS machines.

Such malware can also be prevented by patching the OS and any third-party applications, and by hardening the system with technologies such as Microsoft’s EMET when required.
