09 February 2016

Botnet takes advantage of weak passwords to hack POS systems

10 July 2014  |  6334 views  |  0 Spiders computer virus

Security firm FireEye says it has discovered a botnet that is sniffing out point-of-sale systems and using brute force techniques to hack them and steal card data.

The BrutPOS botnet, comprising more than 5000 machines, scans specified IP address ranges for remote desktop protocol (RDP) servers that have weak or default passwords in an effort to locate vulnerable POS systems.

In a blog post, FireEye says that it found five command and control servers used by the botnet, two of which were still active and gave the firm some insight into the scam.

During a two week period, crooks managed to access 60 POS systems, working their way in by taking advantage of poor usernames such as 'administrator' and passwords like 'pos' and Password1'.

Warns FireEye: "While new malware and more advanced attacks are taking place, standard attacks against weak passwords for remote administration tools presents a significant threat."

KeywordsEFTPOS

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

02 June, 2014
15 May, 2014
16 April, 2014
14 January, 2014
26 March, 2012
Your browser is unable to support Flash files.

Top topics

Most viewed Most shared
Fintech rising: Resistance is futile, says...
11603 views comments | 51 tweets | 44 linkedin
Digital transformation driving earnings at...
10007 views comments | 47 tweets | 40 linkedin
Visa opens up to developers
8207 views comments | 23 tweets | 41 linkedin
ECB eyes up European P2P payments
8061 views comments | 29 tweets | 39 linkedin
It may take ten years, but blockchain tech...
6885 views comments | 21 tweets | 19 linkedin

Featured job

Find your next job