Security researchers at FireEye / Mandiant [say] "We identified the presence of a financially-motivated threat group that we track as FIN1, whose activity at the organisation dated back several years."
[...] "FIN1 used this malware to access the victim environment and steal cardholder data. The group, which may be located in Russia, is known for stealing data that is easily monetised from financial services organisations such as banks, credit unions, ATM operations, and financial transaction processing and financial business services companies."
[...] The malware's installation location also means it will persist even after re-installing the operating system, widely considered the most effective way to eradicate malware.
Can we all agree that updating firmware should require the movement of a physical jumper?
(Score: 0) by Anonymous Coward on Wednesday December 09 2015, @08:53PM
Or rather, jumpers are the answer *only* for those smart enough or knowledgeable enough.
How will you convince 75-year-old-Aunt-Emma to open her case, look for and switch the position of the jumper, then do an update, because a new exploit not in firmware requires a firmware update to combat it? (Oh, sorry your Credit Card info was stolen Aunt Emma, you needed to take your computer to an authorized repair center but didn't....)
How will you keep 75-year-old-Aunt-Emma from doing the instructions given by that nice man who called from "Microsoft" Tech Support giving her the instructions to change the jumper setting so that "Microsoft" can update her computer?
You're trying to fight a human problem with technical means. Good luck.