
US govt warns retailers about new POS malware family

01 August 2014

The US government has put out an alert warning retailers about a new family of malware, dubbed Backoff, targeting point-of-sale systems.

Crooks are tapping publicly available tools to find businesses that use remote desktop applications and then brute-forcing access by taking advantage of weak passwords, says the US Computer Emergency Response Team (US-Cert).

Once they have access to administrator accounts, the attackers can then deploy the POS malware and steal payment data and other personal information via an encrypted POST request.

Working with the Secret Service and Trustwave Spiderlabs, US-Cert has identified three primary variants of the malware, which were first spotted last October and are all still operating.

The software's capabilities include scraping memory for track data, logging keystrokes, command and control communication, and injecting a malicious stub into explorer.exe.

Backoff has been found in at least three separate forensic investigations into POS data breaches and is currently almost never picked up by anti-virus engines, warns US-Cert.

Remote access-based attacks on POS systems have shot up the agenda of retailers since last year's Target breach, which saw thieves use a vendor's credentials to infect POS devices with malware and steal the details of around 40 million customer cards.

US-Cert offers retailers advice on dealing with the threat in its alert.
