Posted on

vSkimmer Malware Steals Credit Card Information from Payment Terminals

vSkimmer control panel

Researchers from security solutions provider McAfee have come across a Trojan that’s advertised as being capable of stealing payment information from the Windows machines to which credit card readers are attached.

Dubbed vSkimmer, the malware appears to be similar to Dexter, another malicious element that’s designed to target point-of-sale (POS) systems.

However, the cybercriminal that currently sells vSkimmer on the underground market says that his creation is much better than Dexter.

Once it infects a computer, the malware starts collecting information from the machine and sends it back to a control server.

The Trojan can harvest Track 2 data from the magnetic strip of payment cards. Track 2 data includes the number printed on the card, the expiration date, and the CVV.

What’s interesting about this malicious element is that it can also work without an Internet connection. If no Internet is present, it waits until someone connects a USB device labeled KARTOXA007 and copies all the information it harvested onto it.

Additional technical details on vSkimmer are available on McAfee’s blog.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s