Research from IntelCrawler reveals electronic kiosks and ticketing systems, typically for public transport systems, are being targeted by the “d4re|dev1|” malware.

This advanced backdoor malware provides remote administration capabilities, RAM scraping and keylogging features designed to infect a ticketing network and steal payment card data.

One of the findings from the research is that ticketing terminals are sometimes being used inappropriately by staff, for example, for general web surfing, e-mail, and social network interaction.This provides multiple opportunities for either unintended or intentional infection of the ticketing terminal.

"These cases have a common denominator of weak passwords and logins, many of which were found in large 3rd party credential exposures"

Standard PCI DSS security best practice is to limit device functionality to its minimum, so browser software should be disabled or removed if not required and firewalling used to restrict web access for any POS systems unless necessary. Similarly POS file integrity monitoring should be used to maintain system integrity and detect malware activity.

Read the full article here

Products
USA Offices
New Net Technologies Ltd
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
emailUSinfo@nntws.com
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
Redbourn,
St Albans

Herts
AL3 7PR

Tel: 08456 585 005
Fax: 08456 122 031
emailinfo@newnettechnologies.com
NNT Newsletter
Sign up to receive our monthly newsletter covering breaking security news, how-to-tips, trends and commentary directly to your inbox.


Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies Ltd. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies Ltd.
All other product, company names and trademarks are the property of their respective owners.