Attention South Africa POS Terminals-Dexter Malware on the prowl


The prime disadvantage of eBanking is the speed at which bad viruses can spread. The challenge for law-enforcement is to isolate the virus strain fast enough to develop anti-virus. Computer viruses like viruses in living beings also have variants.

The Dexter Malware is a computer virus which infects computers running Microsoft Windows and was discovered by IT security firm Seculert, in December 2012.


Visa issued an early warning in December 2012. The audience for the warning was Acquirer/Retial Merchant/VisaNet Processor.

Recently, a variant of the Dexter Malware hit the African POS terminals. The malware focused on the POS terminals in fast-food chains like KFC etc. As this respective malware strain was a variant of the original Dexter Malware, it took time to be detected.

In the meanwhile, the damage was occurring in the back-end. As the ‘card verification value’, is not used in Card Present Transactions (CPT), luckily the skimmed data could not be used for Online purchases.

The main targets were the Magstrip cards, and no chip cards were compromised. The cards produced from the malware have been sold and used in both Europe and the US.

It is still not clear as to how the Malware affected the POS Terminals, is it through physical-access attack (for example, by tampering with the credit/debit card reader or sticking a malware-laden USB driver into the POS box while the cashier is distracted or away) or through the internet when employees surf internet.

As the issue has international ramifications, investigation agencies (Interpol and Europol) from around the world are working with The South African Police Service (SAPS), to bring the syndicate or syndicates responsible for the data breach to book.

South Africa’s banking risk intelligence centre, Sabric, is managing the forensic investigation and working with the SAPS, where a case docket has been opened


One thought on “Attention South Africa POS Terminals-Dexter Malware on the prowl”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s