http://www.techworld.com/security/news/index.cfm?newsID=117060 By Jeremy Kirk IDG news service 08 June 2009 Cash machines are increasingly hosting malware able to harvest a person's card details for use in fraud, a situation that could worsen as the malware becomes more sophisticated, according to a security researcher. Analysts at Trustwave's SpiderLabs research group were surprised earlier this year when it obtained the ATM malware sample from a financial institution in Eastern Europe, said Andrew Henwood, vice president of SpiderLabs's Europe, Middle East and Africa operation. Trustwave does forensic investigations for major credit card companies and financial institutions as well as penetration tests. "It's the first time we have come across malware of this type," Henwood said. The malware records the magnetic stripe information on the back of a card as well as the PIN. That data can be printed out on the ATM's receipt roll when a special master card is inserted to the ATM that launches a user interface. It can also be recorded on the magnetic stripe of that master control card. [...] _____________________________________________ Visit the InfoSec News security bookstore! http://www.shopinfosecnews.orgReceived on Tue Jun 09 2009 - 02:02:18 PDT
This archive was generated by hypermail 2.2.0 : Tue Jun 09 2009 - 02:11:52 PDT