Charge Anywhere, an electronic payment service provider to merchants, has publicly admitted to a security breach that may have compromised the account details of all customers who used its service over the last five years. Apparently, hackers installed data-stealing malware that has been harvesting card information from the company’s computer network.
In a statement to news media, Charge Anywhere said the clandestine operation had been ongoing from November 2009 until early September 2014, when it was unearthed.
“The investigation revealed that an unauthorized person initially gained access to the network and installed sophisticated malware that was then used to create the ability to capture segments of outbound network traffic,” the release stated.
A forensic analysis of the malware revealed that the attackers were able to intercept unencrypted transaction data from Charge Anywhere’s computer network.
“Much of the outbound traffic was encrypted. However, the format and method of connection for certain outbound messages enabled the unauthorized person to capture and ultimately then gain access to plain text payment card transaction authorization requests,” reads the statement.
The extent and full capabilities of the unearthed malware are still not clear, but Charge Anywhere has enough evidence to believe the attackers were able to capture cardholders’ transaction authorization details, including cardholder name, account number, expiration date, and transaction verification code.
Charge Anywhere is urging merchants to check their names against a provided list of potentially affected merchants. “Payment cards used at these merchants between November 5, 2009 and September 24, 2014 may have been affected although we only found evidence of actual network traffic capture from August 17, 2014 through September 24, 2014,” noted the company.
Individual shoppers at the affected merchants should continually monitor their bank statements for any peculiar transactions. Contact your bank immediately if you notice an unauthorized transaction in your bank statements within the last five years, advises Charge Anywhere. Ideally, card companies cushion cardholders against monetary losses from unauthorized transactions in their accounts.
Charge Anywhere has assured merchants that the malware has been “completely eradicated” and that it is highly unlikely that the point-of-sale systems of individual merchants were involved in the breach. Furthermore, the company has forwarded the list of potentially affected merchants to banks and card companies to help in tracking and monitoring their accounts.
More importantly, the company is urging shoppers and merchants to remain vigilant by frequently reviewing their bank statements and credit reports for unauthorized transactions. Notably, shoppers are advised to regularly collect their credit reports from their card providers at least once every year.
Recently, the world has seen an upsurge of banking malware targeting credit/debit card data. Hackers are increasingly using advanced point-of-sale (POS) RAM scrapers to tap into the computer networks of retailers and steal customers’ card information, which is later used to wipe clean their bank accounts. Data breaches at large retail stores such as Target and Home Depot clearly show the imminent threat posed by sophisticated POS malware such as BlackPOS or the Getmypass malware discovered a few days ago.
Security experts believe the deep-rooted infiltration of the Charge Anywhere network is an indication that hackers are getting more sophisticated and stealthier. The FBI and the Department of Homeland Security have advised shoppers to watch out for an increasing number of holiday scams. As a rule of thumb, never make a purchase from an untrusted store, no matter the discount.
(Security Affairs – cybercrime, Electronic Payment)
Written by: Ali Qamar, Founder/Chief Editor at SecurityGladiators.com
Author Bio:
Ali Qamar is an Internet security research enthusiast who enjoys “deep” research to dig out modern discoveries in the security industry. He is the founder and chief editor at SecurityGladiators.com, an ultimate source for cyber security. To be frank and honest, Ali started working online as a freelancer and still shares the knowledge for a living. He is passionate about sharing the knowledge with people, and always tries to give only the best. Follow Ali on Twitter @AliQammar57