|Check Point Reference:||CPAI-2014-0749|
|Date Published:||20 Jan 2014|
|Protection Provided by:||
|Who is Vulnerable?||Windows-based servers|
|Vulnerability Description||vSkimmer is a Trojan-like malware designed to infect Windows-based servers attached with payment card readers. Post infection, the malware gathers sensitive information such as Credit Card numbers and sends it back to the C&C server.|
This protection will detect and block communication attempts made to the malware's C&C.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
- In the IPS tab, click Protections and find the vSkimmer Point-of-Sale Terminals Server Information Disclosure protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: Malware Traffic
Attack Information: vSkimmer Point-of-Sale Terminals Server Information Disclosure