Law enforcement authorities are tracking a new piece of malware which is targeting point-of-sale (POS) systems at American retail stores and ATMs at major banks. SecurityWeek‘s Fahmida Rashid reports that a Russian-designed program called Dump Memory Grabber is systematically scanning infected POS terminals and ATMs for credit card information. Researchers at Russian security firm Group-IB say that information from credit and debit card customers at Chase, Capital One, Citibank, and Union Bank of California has already been compromised. SecurityWeek claims users of Nordstrom’s store brand credit card may also have been compromised.
Credit card numbers stolen by the malware are allegedly being sold on an underground web form. Crumb traces in the malware’s code and in server communications indicate the malware has Russian origins. ATMs and POS systems are believed to be directly infected with the virus by stateside criminals affiliated with the malware scheme.