QIWI: tough target for viruses
21 March 2011
Antivirus companies have recently discovered a virus aimed at infecting QIWI payment system terminals. Analysis of the virus’s code showed that it was intended to penetrate the terminal’s operating system (Windows) and change the account number to which money is being transferred.
The virus has been given the name Trojan.PWS.OSMP.
It was not discovered in the terminals themselves but openly on the internet (only their owners have access to the terminals), so it is impossible to describe the level of danger posed. All that can be confirmed is that the virus exists and it can only infect terminals manually, through physical access to the device.
Shortly afterwards a modification to the virus was discovered, also aimed at payment terminals. However, it works differently. It tries to steal the terminal’s configuration files, which would theoretically give criminals the possibility to take money by imitating the terminal on their own computer.
The company that runs QIWI announced that this is already the 20th version of this virus and nothing particularly new. It was discovered and neutralised by the terminals’ internal antivirus system on 20 February and does not pose any danger at all.
Payment system representatives explained that their terminals use an effective multilevel defence system, which stops viruses from causing serious damage. Any account which receives a large number of transfers from different sources is checked by specialists and can be blocked. In addition, the terminals’ defence system would not allow anyone to imitate their signal, even if configuration files and encryption keys were obtained.
