|
|
|
|
|
|
by cynwoody
4640 days ago
|
|
|
It's a matter of semantics. What does "to skim" mean? I read the article to mean that the bad guys were using key loggers to skim mag stripe images out of the keyboard data stream (from mag stripe readers attached via "wedges"). That's one level of threat. Your link, however, calls to mind a higher level threat that happened in Rhode Island a while back. Bank customers were disavowing ATM withdrawals. Bank security noticed that the complaining customers had all used their debit cards at the same all-night Stop & Shop. A review of the store's security video showed a gang of four guys coming in during third shift and installing hacked PIN pads at the registers while keeping the thin staff distracted. They were busted when they returned to harvest their next haul of debit card details. How they compromised the PIN pads I do not know. PIN pads are supposed to be sealed and tamper-proof. Your PIN is supposed to be encrypted before it leaves the keypad and decrypted only when it reaches the payment processor. The encryption key is supposed to be erased if someone tampers with the device. In order for the hack to work, they would need to be recording the mag stripe data along with cleartext PINs. I see it happened to Barnes & Noble more recently and on a larger scale: http://www.esecurityplanet.com/hackers/hackers-compromise-ba... |
|
|
https://www.google.com/search?q=card+skimmer&safe=off&source...
One thing to remember is that keyloggers have been around much longer than card skimmers, keylogger is a well known and well defined term.
http://en.wikipedia.org/wiki/Hardware_keylogger
https://www.google.com/search?q=hardware+keylogger&safe=off&...
It's all very interesting to watch as criminals become more sophisticated.