- 04 Jul 2022
A Malware-Infected CAC Card Reader has Become a Security Concern
An incident recently reported by KrebsOnSecurity’s Brian Krebs highlighted how crucial malware protection is. Millions of employees and contractors are given secure smart ID cards. These cards allow them to enter buildings and otherwise restricted areas, and to access computer networks and systems. However, some employees don’t have access to authorized card readers that would allow them to use such cards when working remotely or from home. Instead, they have to rely on shady card readers that are available online, the consequences of which can be disastrous.
How a CAC card reader became a security issue
A case that just came to light highlights how serious this situation is. A Personal Identity Verification (PIV) smart card was provided to an employee of an organization’s contractor. These cards are designed for civilian workers. Since he didn’t have a smart card reader at home, this employee bought a $15 reader from Amazon. The product was specifically described as designed for smart cards.
The USB gadget Mark chose was also the very first result that popped up on Amazon.com when he searched for a “PIV card reader.” The product also had thousands of positive reviews. He intended to use the device for his Common Access Card (CAC). Such cards are the standard form of identification for uniformed officers, civilian workers, and contractor personnel. These cards, in addition to enabling entry to restricted areas, also give access to DoD computer systems and networks.
Malware detection on the card reader
When he received the reader and plugged it into his Windows 10 PC, the operating system suggested checking for the most recent drivers. These drivers were discovered to be malicious. Malware detection sources say that the ZIP file is most likely infected with Ramnit, a dangerous trojan horse that attaches itself to other files and spreads. The infected driver problem is definitely an example of a technology company’s website being hacked.
The initial Ramnit versions that appeared in 2010 were computer viruses that affected EXE, DLL, and HTML files. Later versions were capable of stealing private data from the infected system. But despite warnings, when the need arises, a large number of government personnel will buy such readers from different online retailers. This makes it a big issue.
Amazon has announced that it is looking into the problem. Even if Amazon removes the gadget listing, individuals who have already purchased the device are in danger of downloading malware from the product’s website without realizing it.
How to stay safe with Malware Protection
The Internet is a dangerous place, and you should always be protected by a professional cybersecurity service provider. Sattrix is a professional cybersecurity company that can assist you with all manner of security requirements, including malware detection and malware protection. We are more than simply cybersecurity service providers; we are your best line of defense against all kinds of cyber attacks.