Oct 18, 2013 Dave King
The point-of-sale (POS) systems of several major South African fast food restaurants were recently discovered to have been infected with malware, allowing cybercriminals to steal credit and debit card information and threatening the security of cardholders' consumer credit data, Tech Central reported.
According to the news source, the Payments Association of South Africa (PASA) and banking risk data provider Sabric have joined Interpol, Europol and the South African Police Service in an investigation into the criminal data breaches.
PASA CEO Walter Volker told news provider MyBroadband that although he preferred not to identify the restaurant chains in question, his organization first found evidence of payment fraud resulting from the breaches earlier this year. In some cases, card information illegally obtained by the installers of the virus, who appear to be part of a large international organization, was sold to third parties or used to create fraudulent physical copies of credit cards, Volker said.
Tech Central printed a statement by PASA regarding the incident. The organization assured the public that major South African banks, as well as Visa and MasterCard, were aware of the breach, and authorities had taken all steps in their power to ensure that consumers are protected from the possible negative effects of the crime.
"The industry has taken immediate and proactive steps to identify the extent of the potential exposure, clean up confirmed sites with effective custom anti-malware software and carefully monitor transactions on the cards involved in order to detect possible unusual activity," PASA said, according to Tech Central.
The malicious software
According to Mail and Guardian, the malware used by criminals to perpetrate the theft of card data is a customized variant of an existing virus called Dexter. Its rise during the last holiday season prompted Seculert to research the software and inform the public.
The unique threat of a malware like Dexter is the ease with which it can target and compromise payment information in an electronic purchase environment.
"Instead of going through the trouble of infecting tens of thousands of consumer PCs or physically installing a skimmer, an attacker can achieve the same results by targeting just a few POS systems with specially crafted malware. Dexter is one example of such malware," Seculert wrote.
At the time of Seculert's study, Dexter was already a considerable threat, with a documented presence in over 40 countries. However, as 42 percent of infected POS systems were in North America and 19 percent were in the United Kingdom at that time, the malware has clearly become a geographical moving target.
Standard Bank responds
MyBroadband noted that the banks, not consumers themselves, have absorbed the loss of funds incurred by the breach. The news source printed a statement by South Africa's Standard Bank in which the organization details its response to the incident and recommends next steps for worried consumers.
The bank reassured customers that it would bear whatever financial difficulty the incident caused, and heightened levels of monitoring have been applied to cards and accounts identified as impacted by the breach. While the bank encouraged cardholders to monitor their consumer credit reports and account information for suspicious activities, it insisted that matters were under control.
"Standard Bank would like to reassure customers that there is no need for undue concern. The banking industry and PASA has well developed and sophisticated fraud and risk management systems in place to limit the exposure of our customers to criminal activity," the bank said, according to the news source.
Nevertheless, the ease with which malicious software can be used to compromise card data is alarming, and businesses using electronic payments solutions might consider taking the best measures available to ensure that their systems are protected against identity thieves.