Security Tales: The Dangerous Barcode
Vladimir Bezmaly | 02.05.2017
- Johann, did you ask to be warned about new malware attacks?
- Of course, Mark.
— I would like to note that recently we have been noticing attacks by one of the oldest families of POS malware, which has been known for almost 10 years. But! The target of cybercriminals using it was almost always the hotel business, and traditional tools were used to move around the compromised network. And recently, hackers have begun to use penetration to collect additional data, which increases the risk of identity theft of victims. For example, the Trojan now steals driver's license data, which is the most common way to confirm identity in the empire.
— As you know, in our country it is customary to confirm some purchases by scanning the barcodes of a driver's license. Well, you never know, maybe minors will want to buy alcohol. But you can't sell it to them until they are 21. And you never know where else proof of age and identity is required.
- And what?
— Ms. N. contacted us. A purchase was made taiwan whatsapp data her card. But what's more, the same purchase was confirmed by scanning the barcode of her card. But at that time she was 1000 km away from the place where the transaction was made. We became interested in this case. Then there were a couple more of the same kind.
— So you want to say that in addition to the magnetic stripe data, RawPOS collects other types of information while the card is swiped at the terminal?
— That's right! Last year, the malware began searching for strings containing the phrase "drivers license" and the mandatory barcode used to identify a person, age, and address.
— Wait, but the barcodes contain the same data: full name, date of birth, full address, gender, height, and even hair and eye color.
- How did you get in touch with him?
-
- Posts: 542
- Joined: Mon Dec 23, 2024 3:13 am