Security researchers have discovered that criminals are the target on so-called point-of-salesystems and atms, to credit card numbers to steal. Hundreds of devices would be with the malware are ge lwa nfecteerd.
The hundreds of infected devices have led to the credit card data of customers of several major Us banks, including Chase and Citibank, were stolen. That writes SecurityWeek. The cracked systems are atm machines, and systems that are used for the checkout process, so-called point of sale-vending machines.
Most of the attacks that the researchers of security company Group-IB discovered were carried out with help from the inside, usually by employees who were responsible for maintaining and updating the systems. A number of systems that have Windows XP, and Windows Embedded ran, was remotely hacked by the devices to log in via remote desktop or VNC. There was also a burglary on the networks to which the devices were connected.
The in C++ written malware to intercept credit card numbers and upload this data via ftp to a command-and-control server. This server would in the name of a Russian internet service provider. The group behind the attack, would also command ddos attacks for $ 2 per hour. Many members of the group according to Group-IB under the age of 23 years and originate from Eastern Europe. How Group-IB that to know is to come is unknown.