The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
These days, consumers are often on the lookout for identity theft scams that may end up compromising many aspects of their finances, but now criminals are doing even more to rip them off, including targeting their banks with malicious software.
A new type of malware that targets point-of-sale systems and ATM card readers known as “Dump Memory Grabber” scans those devices for payment card data and is beginning to infect a large number of the nation’s largest banks, according to a report from SecurityWeek. The list of victims of this new software already includes Chase, Capital One, and Citibank, as well as Union Bank of California. In addition, it seems possible that store-branded credit cards may have also been compromised, because a video of the malware in action, which was posted to a Russian hacker forum, showed a number of Nordstrom’s cards potentially having been exposed.
The malware itself collects data stored in a card reader’s log files, filters the data quickly for credit card information, and then compiles all of it to a simple text file, the report said. That file can in turn be set to download straight to a hacker’s server, or even be sent via email.
Information gathered about the creator of the Dump Memory Grabber malware seems to indicate that he is well-known in the Russian hacking community and has been involved with a large cybercriminal collective — potentially as its administrator — that engages in this type of activity, as well as attacks against a number of well-known security entities, the report said. Further, at least several of the group’s members are also active in Anonymous, and most are younger than 23 years old.
This is certainly not the first type of malware targeted directly at point of sale card readers and ATMs in the last few months, as a program known as “Dexter” may have recently stolen as many as 80,000 credit card numbers from Subway restaurants in 2012, the report said. In all, 42 percent of Dexter infections worldwide were located in the U.S.
The best way consumers can make sure they are not affected by these scams is to pay with cash whenever possible, and also keep close tabs on their financial documents for any suspicious charges that they may not recognize. These may be a sign that an account has been compromised.
Image: iStockPhoto
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams