South African banks have suffered in excess of tens of millions of rands in losses, thanks to a malware tool called Dexter. The software was installed by criminal syndicates on point-of-sale (POS) systems, to collect credit card data.
TechCentral reports on the whole story, which implicates fast-food restaurants as the major victims of the malware infection. It’s alleged that KFC is the hardest hit, though there are no specific numbers for how many POS machines have been infected.
According to the report, international law enforcement agencies Europol and Interpol are involved in the investigation, assisting the South African Police Service (SAPS). No suspects have been arrested, but a case docket has been opened at the SAPS by the South African banking risk intelligence centre (Sabric).
The investigation started earlier this year, when banks first noticed that certain fast-food outlets had higher-than-usual levels of suspected fraud. A forensics company was then appointed to analyse the transactions. Mastercard, Visa, and the affected banks formed a committee to investigate, as well.
An expert told TechCentral that the exact malware installed on the POS systems was a variant of Dexter that had been modified to avoid detection. In act, the malware would read the number of a swiped card and send the data to a syndicate, which would use the numbers to make fake cards. Those cards are then used in fraudulent transactions in brick-and-mortar stores, which don’t check for the 3-digita CVV number on the back of the card.
If you’ve had a fraudulent transaction show up on your credit card account in the last few months, it could very well be attributed to this. The simple act of buying a burger might have ended up costing you a bit more.