
New Malware Targeting ATMs of Major U.S. Banks

A new malware called “Dump Memory Grabber” has been found collecting credit/debit card information from ATMs and point-of-sale systems of major U.S. banks.

This malware was reported by a Russian-based security company called “Group IB”, and it seems that the author of this malware is affiliated with a Russian-based cyber crime gang. The security company pointed out that the malware has already stolen data from multiple credit and debit cards of major U.S. banks such as Chase, Capital One, Citibank and Union Bank of California. Currently Group IB is working closely with VISA, U.S. banks and U.S. law enforcement agents by sharing its findings about the Dump Memory Grabber malware.

The “Dump Memory Grabber” malware collects and transfers Track 1 and Track 2 data, which is encoded on the magnetic stripe of credit/debit cards. This information includes first and last name, expiration date and the bank account number. With this information, one can create a cloned physical debit card.

The malware is written in C++ without any additional libraries. It adds itself to the system’s registry so that it runs automatically whenever the system is on. The malware then creates a txt file containing memory dumps and stolen data, which is transferred to a remote server via FTP. The operation was found to be Russian-based because the IP address of the remote server belongs to a Russian ISP called “Selectel” and was associated with the domain name “CISLAB”, which is a Russian company.

It was also found that Blanchard’s Liquors in Boston had its POS systems affected by malware over the weekend, with reports of some customers being charged for no reason. After notifying its other customers, the store took down its credit card machines. It’s not clear whether it was affected by the same malware.

Andrey Komarov, CTO of CERT-GIB, which is affiliated with Group IB, pointed out that they have also found one of the C&C (Command and Control) servers, but many POS systems and ATMs were infected, and the issue is currently under investigation.

Source: Security Week

Roshan Ashraf Shaikh
