Russian Trojan blamed for credit card losses at US diner
Hundreds hit after PC becomes infected
By John E Dunn | Techworld | Published: 16:25, 01 September 2010
Hundreds of lunchtime customers of a diner in the US city of Memphis are believed to have had funds stolen from their debit and credit cards after PCs at the venue became infected with malware.
Large numbers of customers reported having had funds taken after using Jason’s Deli in recent weeks, which prompted an investigation by the US Secret Service, part of the Department of Homeland Security.
After establishing that staff were not involved, police discovered that a computer system used by to verify credit cards had been infected with unidentified new-variant malware, which had logged and forwarded the data to criminals believed to be in Russia.
Related Articles on Techworld
“The computers received a virus that was unknown before this event,” said Special Agent Rick Harlow of the US Secret Service in a news conference. “No antivirus program that we ran against it found it,” he said.
“This could have happened in almost any business in the Memphis area or the country,” said Harlow.
The sums involved are thought to be significant. One local report cited an unnamed individual as having lost $793.
Police indicated that businesses in Seattle and San Francisco might have been affected by the same attack without offering further details. How PCs become infected with the rogue program has yet to be determined.
The Secret Service is so concerned that the malware is undetectable by antivirus software, it has sent files to the computer emergency response team (CERT) at Carnegie Mellon University for evaluation. The institution is working on a signature of the attack files so antivirus systems can be updated to protect against it.
