Dexter POS malware infections on the rise


by CBR Staff Writer| 09 December 2013

Security researchers detected three separate variants of the Dexter malware, called Stardust, Millenium, and Revelation.

Researchers have warned that three different variants of the Dexter point of sale (POS) malware are on the loose during the ongoing holiday season, aimed at pinching credit and debit card information from innocent consumers.

According to security firm Arbor Networks, two servers have reportedly been set up to collect data taken from PoS systems by variants of the Dexter malware and a similar threat known as Project Hook.

Security researchers detected three separate variants of the Dexter malware, called Stardust, Millenium, and Revelation, with the first being developed in November 2012 by researchers from Seculert.

Dexter and Project Hook are aimed at pinching the Track 1 and Track 2 information stored on the magnetic stripes of payment cards when transactions are carried out on affected PoS terminals, and the stolen information would allow cards to be cloned.

The security firm said in a statement that the exact method of compromise is not currently known; however, POS systems suffer from the same security challenges as any other Windows-based deployment.

"Network and host-based vulnerabilities (such as default or weak credentials accessible over Remote Desktop and open wireless networks that include a POS machine), misuse, social engineering and physical access are likely candidates for infection.

"Additionally, potential brittleness and obvious criticality of PoS systems may be a factor in the reportedly slow patch deployment process on PoS machines, which increases risk. Smaller businesses are likely an easier target due to reduced security."

Researchers claim that the malware would mainly hit smaller businesses due to reduced security.

"While the attackers may receive less card data from smaller retailers, infections may be more numerous and last longer due to the lack of security reporting and security staff in such environments," the security firm added.

Researchers suggested that consumers can prevent the issue by bolstering their network with broad restrictions on incoming connections to remote desktop systems, and by increasing the distance between wireless networks and the POS machines.

Such malware can also be prevented by patching the OS and any third-party applications, and by hardening the system with technologies such as Microsoft's EMET where required.
