Overview
Explore the inner workings of memory scraping, credit card stealing point-of-sale (POS) malware in this 56-minute conference talk from AppSecUSA 2014. Dive into RAM scraping techniques used to steal credit card data from POS systems, evading disk and transit encryption. Witness a live demonstration of custom-built malware to understand its behavior under various conditions. Learn effective strategies to hinder malware operations, including memory size alterations, POS process concealment, and malware detection techniques. Gain valuable insights into POS data breaches, credit card components, magnetic stripe data, encryption methods, and mitigation strategies to protect against these sophisticated attacks.
Syllabus
Introduction
POS Data Breaches
Credit Cards
POS Components
POS Software
Magnetic Stripe: Track 1
Major Transition Types
Data Encryption
Attack Scenario
RAM Scraper Attack Working
Verify Card Number
Mitigation
Taught by
OWASP Foundation