Netwire Remote Access Trojan Steals Payment Card Data From Removable Storage

Payment card data is of great value to internet criminals all over the world. This information is rather easy to abuse, and the majority of systems protecting these details are vastly insecure. NetWire, a remote access Trojan, is making  waves once again. As a result of these renewed efforts, the criminals are shifting their attention to obtaining payment card data from all over the world.

NetWire RAT Is Back With A Twist

The Netwire remote access Trojan was first discovered a few years ago when it was assumed to be one of the world’s first multi-platform malware types of its kind. At that time, it infected computers and other Internet-connected devices all over the world and extracted different types of data. Moreover, it gave hackers a permanent backdoor into computer systems, which is never a good sign.

Fast forward to today and a new version of the Netwire RAT has popped up. According to Threatpost, the Trojan is now sniffing out payment card data from all kinds of devices. It is, in fact, capable of reading information from USB devices and other card readers, which is quite a troublesome development.

As is the case with virtually every type of malware being distributed, Netwire relies on users opening a malicious email attachment. Phishing campaigns are quite popular these days, and it is expected that a lot of people will be tricked into checking out these attachments. To make matters worse, the malware can reside on a device for weeks, if not months before it is even discovered.

Do not be mistaken into thinking that this new version of Netwire will target point-of-sale systems only, though. In fact, this new RAT version will go after any internet-connected device, and not only make the host machine insecure, but any other form of storage attached to it as well. Payment card data, credentials, and other information is all logged in the background and transmitted to criminals.

Just last year, the previous version of Netwire was used against financial institutions and healthcare enterprises to obtain sensitive information. The method of distribution was rather similar, although criminals relied on users opening malicious Word documents rigged with macros. Once they opened those files, the RAT would be downloaded from a Dropbox server.

Considering that the holiday season is almost upon us, credit card fraud numbers are expected to rise once again. These details can be obtained in a variety of ways, and the Netwire RAT is only one of the possible attack vectors. Consumers need to be vigilant at all times when entering card details, as someone else may be lurking in the shadows to steal the information.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.