New Malware Targeting ATMs of Major U.S. Banks

A new piece of malware called “Dump Memory Grabber” has been found collecting credit and debit card information from ATMs and point-of-sale systems of major U.S. banks.

The malware was reported by a Russia-based security company called “Group IB”, and its author appears to be affiliated with a Russia-based cybercrime gang. The security company pointed out that the malware has already stolen credit and debit card data from major U.S. banks such as Chase, Capital One, Citibank and Union Bank of California. Group IB is currently working closely with VISA, U.S. banks and U.S. law enforcement agents, sharing its findings about the Dump Memory Grabber malware.

The “Dump Memory Grabber” malware collects and transfers Track 1 and Track 2 data, which are encoded on the magnetic stripe of credit and debit cards. This information includes the first and last name, the expiration date and the bank account number. With this information, one can create a cloned physical debit card.

The malware is written in C++ without any additional libraries. It adds itself to the system’s registry so that it runs automatically whenever the system is on. It then creates a txt file containing memory dumps and stolen data, which is transferred to a remote server via FTP. The malware was linked to Russia because the IP address of the remote server originates from a Russia-based ISP called “Selectel”, and it was associated with the domain name “CISLAB”, which is a Russian company.
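As a defensive illustration of the Track 1 and Track 2 data and the staged text file described above, the following added example (not code from the article or from Group IB) scans a file's bytes for unencrypted track records, validates each card number with the Luhn checksum, and reports only masked numbers. The function names and the sample bytes are constructed for this example; the card numbers are standard test numbers.

```python
import re

# ISO/IEC 7813 layouts, as they would appear in a raw dump:
#   Track 1: %B<PAN>^<NAME>^<YYMM><service code><discretionary>?
#   Track 2: ;<PAN>=<YYMM><service code><discretionary>?
TRACK1 = re.compile(rb"%B(\d{12,19})\^([^^\x00-\x1f]{2,26})\^(\d{2})(\d{2})\d{3}[^?\x00-\x1f]*\?")
TRACK2 = re.compile(rb";(\d{12,19})=(\d{2})(\d{2})\d{3}\d*\?")


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: rejects random digit runs that merely look like a PAN."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Keep the first six and last four digits so findings are safe to log."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def find_track_data(blob: bytes) -> list:
    """Return (track, byte offset, masked PAN) for each plausible track record."""
    hits = []
    for name, rx, month_group in (("track1", TRACK1, 4), ("track2", TRACK2, 3)):
        for m in rx.finditer(blob):
            pan = m.group(1).decode()
            month = int(m.group(month_group))
            if 1 <= month <= 12 and luhn_ok(pan):
                hits.append((name, m.start(), mask(pan)))
    return sorted(hits, key=lambda h: h[1])


# Constructed sample: two valid test-card records, one record with a bad
# check digit and one with an impossible expiry month (13).
SAMPLE = (
    b"junk\x00%B4111111111111111^DOE/JOHN^25121010000000000?\n"
    b"heap;5555555555554444=25121010000000000?\x00\x00"
    b";4111111111111112=25121010000000000?"
    b";4111111111111111=25131010000000000?"
)

if __name__ == "__main__":
    for hit in find_track_data(SAMPLE):
        print(hit)
```

Run against text files in temporary or application directories on a POS host, any hit is worth investigating, since full track data should not be written to disk in clear text.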

Blanchard’s Liquors in Boston also had its POS systems affected by malware over the weekend, and some customers reported being charged for no reason. After notifying its other customers, the store took down its credit card machines. It’s not clear whether it was affected by the same malware.

Andrey Komarov, CTO of CERT-GIB, who is affiliated with Group IB, pointed out that they have also found one of the C&C (Command and Control) servers, but many POS systems and ATMs were infected, and the issue is currently under investigation.

Source: Security Week

Roshan Ashraf Shaikh
