Media Kit

Fb Share

During the Christmas holidays, families across America were anxiously awaiting the day of merriment and joy when they could rip open their presents, spend time with family, and watch football on the couch while recovering from a feast fit for a king. Computer hackers were looking forward to the holidays as well. They were busy creating a little piece of code called “Dexter” that is capable of stealing data from point-of-sale (POS) systems, and it has been stealing credit cards this holiday season.

While Dexter is not the first custom created code designed to attack POS systems directly, it has been one of the most successful ones in recent history with potentially 200-300 retailers (no telling how many individual locations this includes) affected by it, according to an article published by Dark Reading last month. The article credits the security firm Seculert for first detecting and publishing information about Dexter on its website. A link to their findings can be found here.

So is this just an interesting technological achievement that has no real impact on retailers, or is it something that you should be concerned about if you run a POS system? Well, as someone who spends almost all his time helping people manage and maintain good security I would suggest that this threat should be treated as a real issue. I am not alone either. Credit card processor, First Data, and credit card company, Visa, agree with me on this one as well.

On December 24th, First Data issued a warning to several merchants about Dexter claiming that Visa has received several reports of POS systems being compromised by the malware. The good thing about this notification is that it not only describes the problem, but it includes steps a merchant can take to see if they have been compromised. The warning includes the following URLs and IP addresses that should alert you that your system might have been compromised (we have identified potentially 2 more IP addresses and we are including those below as well):

  • 11e2540739d7fbea1ab8f9aa7a107648.com
  • 7186343a80c6fa32811804d23765cda4.com
  • e7dce8e4671f8f03a040d08bb08ec07a.com
  • e7bc2d0fceee1bdfd691a80c783173b4.com
  • 815ad1c058df1b7ba9c0998e2aa8a7b4.com
  • 67b3dba8bc6778101892eb77249db32e.com
  • fabcaa97871555b68aa095335975e613.com
  • 50.116.41.199 (added by VendorSafe)
  • 173.255.196.136
  • 176.31.62.77
  • 176.31.62.78 (added by VendorSafe)

If any of your systems are sending data to these addresses, you should be concerned. At the very least, if you are reading this posting, and you do not know how to determine if you have been compromised, seek professional guidance. Your anti-virus software will probably not be an effective tool against this particular malware because it will take time for the virus signatures to be updated to detect it. This is not something that you should ignore. If you do not feel up to the task of detecting the presence of the malware yourself, contact your IT resource to assist you, or engage with a firm that can.

Have a safe and happy New Year.

Related Content

User Comments – Give us your opinion!
Products & Services

SLABB X9E Kiosk

http://global.networldalliance.com/new/images/products/7049.png

7049/SLABB-X9E-Kiosk

Security Cabinets

http://global.networldalliance.com/new/images/products/4744.png

4744/Security-Cabinets

PCI Compliance Services

http://global.networldalliance.com/new/images/products/4892.png

4892/PCI-Compliance-Services

Olea Metropolis Kiosk

http://global.networldalliance.com/new/images/products/4326.png

4326/Olea-Metropolis-Kiosk

PeopleMatter HIRE™

http://global.networldalliance.com/new/images/products/4625.png

4625/PeopleMatter-HIRE

LG 55WS10-BAA

http://global.networldalliance.com/new/images/products/6425.png

6425/LG-55WS10-BAA

Gaming KIOSKS

http://global.networldalliance.com/new/images/products/4617.png

4617/Gaming-KIOSKS

Super-Slim LCD for Video Walls | 55” NEC X551S

http://global.networldalliance.com/new/images/products/4697.png

4697/Super-Slim-LCD-for-Video-Walls-55-NEC-X551S

Content Management Software - Remote Transfer

http://global.networldalliance.com/new/images/products/remote_transfer_100.gif

184/Content-Management-Software-Remote-Transfer

LG 47WS50MS-B

http://global.networldalliance.com/new/images/products/6431.png

6431/LG-47WS50MS-B

PCI Compliance & Network Security

Latest posts by Brad Cyprus
Brad Cyprus
Bradley K. Cyprus has more than 20 years experience in the security industry. He manages the development of in-house solutions to validate compliance, and he is a resource that Vendor Safe customers can rely upon to help interpret the PCI standard.
CONNECT 2014 Mobile Innovation Summit
Request Information From Suppliers
Save time looking for suppliers. Complete this form to submit a Request for Information to our entire network of partners.