Research from IntelCrawler reveals electronic kiosks and ticketing systems, typically for public transport systems, are being targeted by the “d4re|dev1|” malware.

This advanced backdoor malware provides remote administration capabilities, RAM scraping and keylogging features designed to infect a ticketing network and steal payment card data.

One of the findings from the research is that ticketing terminals are sometimes used inappropriately by staff, for example for general web surfing, e-mail, and social network interaction. This provides multiple opportunities for either unintended or intentional infection of the ticketing terminal.

"These cases have a common denominator of weak passwords and logins, many of which were found in large 3rd party credential exposures"

Standard PCI DSS security best practice is to limit device functionality to its minimum, so browser software should be disabled or removed if not required, and firewalling should be used to restrict web access for any POS systems unless necessary. Similarly, POS file integrity monitoring should be used to maintain system integrity and detect malware activity.

Copyright 2017, New Net Technologies LLC. All rights reserved. 