New threat from RAM scrapers

Security firms cite POS server memory as major vulnerability
Publish date:
Social count:
Security firms cite POS server memory as major vulnerability
50_Security Sml.jpg

RAM scrapers are a growing threat to people’s personal and financial information, security software companies have said.

BullGuard’s CTO Claus Villumsen told PCR: “Perhaps the real threat is RAM scrapers. RAM scrapers have been around for years, but very few people have ever heard of them, including people within the security industry.

“They have in fact been around for years, but recent indications lead industry analysts to believe they may well be the next real threat in 2010 and 2011.”

RAM scrapers target financial information within the cache memory of a system, with breaches reported in Point of Sale servers that process and communicate credit transactions.

Although these processes legally require end-to-end encryption, the data is decrypted at the endpoints, which is where the RAM scraper strikes. It specifically targets card identifier code strings, which serves to reduce its activity thus making it harder to detect and provides a much more ‘usable’ form of data to its controller.

Follow this link to read more on the latest developments in the security sector.