.net programming, computers and assorted technology rants

Thieves install Keyloggers at Nordstroms get Credit Card Info


Courtesy Casey Johnston, ArsTechnica

A trio of men may have installed keyloggers at a Nordstrom department store in Florida to skim credit card numbers, reports KrebsOnSecurity. According to a police report, the men plugged standard keyloggers into the backs of cash registers and returned to remove them some days later with the alleged intent to use the information to create fake credit cards.

The keyloggers the thieves used imitate the look and design of PS/2 keyboard connectors, priced around $30-40. They are connected in series with a keyboard cord, between the computer and the keyboard, to intercept data transmitted between the two.

The Aventura, Florida police report states that the Nordstrom has security video footage of the three men entering the store and working as a team. Two distracted the staff while a third cased the registers and back of the computers. The men returned a few hours later and repeated their teamwork scheme, but this time the third man installed the keyloggers. They returned a third time to collect the keyloggers.

Krebs indicated that the keyloggers may not be able to skim data directly from a credit card reader, although some readers do use PS/2 connectors. If connected to the keyboard itself, the keyloggers likely would have been able to capture any credit card numbers typed in directly. A keylogger installed with the keyboard could, in theory, also have been able to capture applications for Nordstrom credit cards, which typically request personal information like names, addresses, birthdates, and social security numbers.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s