Thieves install Keyloggers at Nordstroms get Credit Card Info
Courtesy Casey Johnston, ArsTechnica
A trio of men may have installed keyloggers at a Nordstrom department store in Florida to skim credit card numbers, reports KrebsOnSecurity. According to a police report, the men plugged standard keyloggers into the backs of cash registers and returned to remove them some days later with the alleged intent to use the information to create fake credit cards.
The keyloggers the thieves used imitate the look and design of PS/2 keyboard connectors, priced around $30-40. They are connected in series with a keyboard cord, between the computer and the keyboard, to intercept data transmitted between the two.
The Aventura, Florida police report states that the Nordstrom has security video footage of the three men entering the store and working as a team. Two distracted the staff while a third cased the registers and back of the computers. The men returned a few hours later and repeated their teamwork scheme, but this time the third man installed the keyloggers. They returned a third time to collect the keyloggers.
Krebs indicated that the keyloggers may not be able to skim data directly from a credit card reader, although some readers do use PS/2 connectors. If connected to the keyboard itself, the keyloggers likely would have been able to capture any credit card numbers typed in directly. A keylogger installed with the keyboard could, in theory, also have been able to capture applications for Nordstrom credit cards, which typically request personal information like names, addresses, birthdates, and social security numbers.