24 May 2015

US govt warns retailers about new POS malware family

01 August 2014  |  6345 views  |  0 credit card

The US government has put out an alert warning retailers about a new family of malware, dubbed Backoff, targeting point-of-sale systems.

Crooks are tapping publicly available tools to find businesses that use remote desktop applications and then brute-forcing access by taking advantage of weak passwords, says the US Computer Emergency Response Team (US-Cert).

Once they have access to administrator accounts, the attackers can then deploy the POS malware and steal payment data and other personal information via an encrypted Post request.

Working with the Secret Service and Trustwave Spiderlabs, US-Cert has identified three primary variants of the malware, which were first spotted last October and are all still operating.

The software's capabilities include scraping memory for track data, logging keystrokes, command and control communication, and injecting malicious stub into explorer.exe.

Backoff has been found in at least three separate forensic investigations into POS data breaches and is currently almost never picked up by anti-virus engines, warns US-Cert.

Remote access-based attacks on POS systems have shot up the agenda of retailers since last year's Target breach, which saw thieves use a vendor's credentials to infect POS devices with malware and steal the details of around 40 million customer cards.

US-Cert offers retailers advice on dealing with the threat in its alert.

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

11 July, 2014
03 July, 2014
26 June, 2014
29 April, 2014
31 January, 2014
14 January, 2014

Top topics

Most viewed Most shared
Cash overtaken by non-cash payments in the...
6674 views comments | 48 tweets | 31 linkedin
MasterCard launches personal payments serv...
5851 views comments | 15 tweets | 27 linkedin
UK opts out of European online payments se...
5716 views comments | 18 tweets | 15 linkedin
US banks bid to crack down on 'card cracki...
5512 views comments | 8 tweets | 10 linkedin
Metro Bank to offer consumer loans via Zop...
4681 views comments | 29 tweets | 20 linkedin

Featured job

up to c.£100K base (d.o.e), commission, benefits
London, UK

Find your next job