Anatomy of memory scraping, credit card stealing POS malware

Presented at BSidesLV 2014, Aug. 5, 2014, 4 p.m. (60 minutes).

Credit card stealing RAM scraper malware is running amok, compromising point-of-sale (POS) systems. Recent breaches have shown that exposure to such attacks is high and there is a lot at risk. This presentation shows how the attack is carried out by looking at the nuts and bolts of a homegrown malware sample. During the demo we will pretend to be the bad guy and steal information from the belly of the POS process. Then we switch hats, expose the malware to multiple environmental hazards to study its behavior, and identify strategies that can be implemented to make it hard for the malware to behave correctly and deter the bad guys. If all goes well, you will walk away with RAM scraping and prevention mojo.


Presenters:

  • Amol Sarwate - Director of Vulnerability and Compliance Labs - Qualys Inc.
    As Director of Vulnerability Labs at Qualys, Amol Sarwate heads a worldwide team of security researchers who analyze the threat landscape of exploits, vulnerabilities and attacks. He is a veteran of the security industry who has worked for the last 15 years on firewalls, vulnerability scanners and embedded security at McAfee, Hitachi, i2 and other organizations. He has presented his research on various topics like Vulnerability Trends, Credit Card Malware, Security Axioms, SCADA and Exploits at many conferences like RSA, BlackHat, AppSec, and others.
