19 June 2018
Visit www.avoka.com

Botnet takes advantage of weak passwords to hack POS systems

10 July 2014  |  7646 views  |  0 Spiders computer virus

Security firm FireEye says it has discovered a botnet that is sniffing out point-of-sale systems and using brute force techniques to hack them and steal card data.

The BrutPOS botnet, comprising more than 5000 machines, scans specified IP address ranges for remote desktop protocol (RDP) servers that have weak or default passwords in an effort to locate vulnerable POS systems.

In a blog post, FireEye says that it found five command and control servers used by the botnet, two of which were still active and gave the firm some insight into the scam.

During a two week period, crooks managed to access 60 POS systems, working their way in by taking advantage of poor usernames such as 'administrator' and passwords like 'pos' and Password1'.

Warns FireEye: "While new malware and more advanced attacks are taking place, standard attacks against weak passwords for remote administration tools presents a significant threat."

KeywordsEFTPOS

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Authorities cripple Gameover Zeus botnet and CryptoLocker ransomware

Authorities cripple Gameover Zeus botnet and CryptoLocker ransomware

02 June 2014  |  5568 views  |  0 comments | 3 tweets | 4 linkedin
Ex Subway franchise owner pleads guilty to gift card POS hacking scam

Ex Subway franchise owner pleads guilty to gift card POS hacking scam

15 May 2014  |  6752 views  |  1 comments | 3 tweets | 2 linkedin
Hardware vendor LaCie warns of card data breach

Hardware vendor LaCie warns of card data breach

16 April 2014  |  5304 views  |  0 comments | 6 tweets | 3 linkedin
Target hackers used POS malware to steal card details

Target hackers used POS malware to steal card details

14 January 2014  |  7706 views  |  0 comments | 5 tweets | 5 linkedin
Microsoft takes down Zeus botnets

Microsoft takes down Zeus botnets

26 March 2012  |  6089 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
Visit http://go.jumio.com/finextraAdVisit equensworldline.com

Who is commenting?

A Finextra member Finextra Member Commented on: BIS: Cryptocurrencies...
A Finextra member Finextra Member Commented on: BIS: Cryptocurrencies...
A Finextra member Finextra Member Commented on: Monzo launches bill tr...
A Finextra member Finextra Member Commented on: NatWest taps Open Bank...
A Finextra member Finextra Member Commented on: HSBC promises $17bn in...

Top topics

Most viewed Most shared
10,000 jobs could be lost to robots says Citi10,000 jobs could be lost to robots says C...
48824 views comments | 44 tweets | 35 linkedin
Ripple exec says DLT not ready for banks...yetRipple exec says DLT not ready for banks.....
10632 views comments | 9 tweets | 32 linkedin
UK launches £2.5bn startup initiativeUK launches £2.5bn startup initiative
9473 views comments | 30 tweets | 26 linkedin
HSBC promises $17bn investment in technologyHSBC promises $17bn investment in technolo...
8402 views comments | 8 tweets | 21 linkedin
Live: EBAday2018, day oneLive: EBAday2018, day one
8254 views comments | 6 tweets | 5 linkedin

Featured job

Find your next job