SA fast food payment systems breached by Dexter malware

Finalized my purchase by credit card. Every receipt they printed out couldn't communicate with the bank; they did it about 10 times, then used another machine, which was successful. Only to my discovery, later on the bank called and asked how many transactions; I told them 1.

They operate a 24/7 fraud department; reminds me of doing a cash withdrawal of an unusual amount and getting a call immediately.
 
My card was replaced for no specific reason by the bank. They only told me that there was a security breach and they had cancelled my card as a precautionary measure. They replaced it for free.
 
This must be costing huge to the banks. I suspect we will not know the true exposure level because banks have to protect image and perception.
 
So that explains why I don't have any money in my cheque account! :D
 
Quite shocking since Dexter runs on the central (back office server) and then continuously dumps the POS processes' memory to read out track2 data and then submits it to a central server where the track2 information and card-holder information is cloned and sold on...

If you work in the POS industry you will know that most POS systems are poorly managed (mostly XP based with some still running NT4 or Win98). The POS systems and terminals are rarely patched, auto-updates are generally turned off and there is hardly ever any centralised patch or asset management. Hardly any POS device will feature any form of antivirus. Mostly the reasons are cost of licensing and obviously operational cost (managing the POS system and potential downtime for maintenance). Can't really understand why retailers are incapable of doing this, since in the banking environment we centrally managed a few hundred branch servers and close to ten thousand desktops.

Hardly any POS terminal has USB ports locked and you can USB boot any terminal if you wish. That a POS system does not provide any firewall/outbound blocks and actually sits on the internet is equally scary. Considering that Dexter has been around since the end of last year, it makes one wonder how proactive retailers were. Considering that any retailer has to be PCI compliant (this also includes stores), how could compliance even be met (i.e. data security, network security and access control play a big part of compliance)?

While it is unfortunate that retailers were affected by this, PASA and the banking industry should really look deeper into how PCI compliance has been met. Patch management is a standard compliance criterion and it is surprising that it affected many different retail chains. Blaming it now on the POS system alone is a cop-out, as basic IT security and operational tasks have not been looked at (i.e. simply being lazy and trying to cut corners).

Sidenote: PASA mentioned on 702 that "only" magstripe data was exposed. This is quite ignorant, since a retailer would have no clue if a syndicate had not placed PIN-pad skimming devices into chains - this happened to Barnes & Noble last year, where Chip&PIN transactions got skimmed with skimming devices. Google it and then you will be really worried about security in a retail environment.
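Added example, not part of the thread or of any poster's own code: the post above notes that POS systems often have no outbound blocks while the malware submits data to a central server, so this sketch flags POS-originated flows to destinations outside an allow-list. The log format, the POS subnet, the allow-listed hosts and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed values for illustration only.
POS_NET = ipaddress.ip_network("10.20.0.0/24")       # store POS/back-office VLAN
ALLOWED = {                                          # (destination network, port)
    (ipaddress.ip_network("192.0.2.10/32"), 443),    # payment switch (placeholder)
    (ipaddress.ip_network("10.1.0.5/32"), 8530),     # internal patch server
}

# Constructed sample flow records: time, source, destination, port, bytes sent.
SAMPLE_LOG = """\
2024-01-01T09:00:02 10.20.0.11 192.0.2.10 443 1840
2024-01-01T09:00:05 10.20.0.2 198.51.100.77 80 5120
2024-01-01T09:05:05 10.20.0.2 198.51.100.77 80 4988
2024-01-01T09:06:40 10.20.0.12 10.1.0.5 8530 220
2024-01-01T09:10:05 10.20.0.2 198.51.100.77 80 5301
2024-01-01T09:11:00 10.30.0.9 203.0.113.4 443 900
malformed line
"""

def is_allowed(dst, port):
    """True when the destination/port pair is on the allow-list."""
    return any(dst in net and port == p for net, p in ALLOWED)

def unexpected_egress(log_text):
    """Return {(src, dst, port): {"flows": n, "bytes": total}} for flows that
    start in the POS network and go to a destination not on the allow-list."""
    findings = defaultdict(lambda: {"flows": 0, "bytes": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip lines that do not match the assumed format
        _, src, dst, port, sent = parts
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port, sent = int(port), int(sent)
        except ValueError:
            continue  # skip records with unparsable addresses or numbers
        if src_ip not in POS_NET or is_allowed(dst_ip, port):
            continue
        entry = findings[(src, dst, port)]
        entry["flows"] += 1
        entry["bytes"] += sent
    return dict(findings)

if __name__ == "__main__":
    for (src, dst, port), stats in unexpected_egress(SAMPLE_LOG).items():
        print(f"ALERT {src} -> {dst}:{port} flows={stats['flows']} bytes={stats['bytes']}")
```

The same allow-list is what an outbound firewall rule set on the POS network would enforce; the log check only shows what such a rule would have blocked.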
 
DEATH !

Something South Africans have wanted for a long time will come about
when
Cash is dead

This type of cyber crime will carry the death penalty ( But not for normal murderers )
CANNOT have any doubts about the efficacy of the new bio-metric systems
ONLY the Gov will be allowed to steal from you ( SANRAL already wants access to your bank account )

I may just stick to gold and silver coins -- or -- trade
 
My dad's account got wiped with purchases in Malawi 2 weeks ago, bank investigated and is returning the monies lost.

And just yesterday, a mate of mine flew back from Dbn, bought coffee at the airport, climbed on a plane and switched off his phone. By the time he landed in Jhb, his account was wiped clean across 4 different provinces in SA. He got the SMS alerts to prove it upon landing.

Getting a little paranoid with the banks being hacked and robbed so easily....
 
Correct. PASA guy on 702 confirmed this.

Yes and no.

I have chip & PIN but retailers sometimes swipe 1st. You as the customer usually can't prevent that till it's too late.

Remember the virus saves the magstripe for cloning later.

I got cloned back in May. The fraudsters tried to draw money from an ATM. I got two incorrect PIN SMSes.
I called and cancelled my card after discovering the 'withdrawals' were made in an area 20km away in an area I have never been in my life.

After reading this article I have rescanned my online statement.
I was at a KFC a few days before. I verified this via my SATNAV.

Nothing else stands out

If there had been a few dodgy transactions I doubt my bank would have picked them all up.

You could say I dodged the bullet... but not really.
I have over a dozen auto-deduct subscriptions that come off my account (Google, Skype, other subscriptions etc)
All got bombed and I had to go through effort to re-establish them.

I am pretty tech-literate. Imagine less vigilant people.

There is NO WAY the banks have covered all the losses
 
I had to cancel two cards this year.

First occurrence, someone successfully purchased two iPads off my one card at a store. This was investigated as it happened though and appears to have been an inside job at the store.

Second time, I had two online fraudulent transactions but both were blocked by the security and PIN, but I cancelled the card anyway.
 