What Is RAM Scraping Malware and How to Prevent It
Most people will remember a year or so ago when retail giants Neiman Marcus and Target had a credit-card hacking that was severe. It first came to light, and then, that RAM scraping was to blame, which is a form of memory scraping. Everyone was apprehensive and was afraid that their accounts would be hacked next in the same way.
At Comodo, we take security and data safety very seriously and work hard to create the best products to thwart even the toughest of cyber criminals.
What Is It?
RAM scraping malware is a nasty little bug that can do so much damage. It is important first to understand how POS systems work. When you see cash registers and credit card terminals, you know that they have strict requirements that have to be met, such as encryption and most people think that is enough. The problem is that at one particular moment in the process, the data is vulnerable, and it occurs while it is being stored in the system’s memory.
Think of it like this:
- Someone purchases something and swipes their card
- The moment it is swiped, the information is encrypted so no one else can read the information
- It is sent through its processes, staying encrypted the entire time
- The information gets placed on the back-end server to process the transaction
- Before it can be processed, it has to be decrypted
- Right here is where the hacker gets in with RAM scraping technology
- The information is saved and encrypted again
The problem with the above scenario is that you don’t know the information was stolen for weeks or even months, or where it was stolen from, so people can’t be held accountable. If you want more information about RAM scraping and how to prevent it, contact us today.