Merchants Cautioned on New POS Malware Threat (Aug. 4, 2014)
Federal officials are warning retailers about a new form of malware that hackers could use to access POS systems and steal consumer data. The U.S. Computer Emergency Readiness Team (US-CERT) last week issued an advisory detailing the malicious software, known as Backoff, which is being used by scammers to attack businesses’ remote desktop applications to harvest consumer data, including payment information. US-CERT—a division of the Dept. of Homeland Security—said the Backoff attacks were first noted in October 2013 and have continued since.
While Backoff’s many variants have been largely undetectable by antivirus systems, US-CERT said publication of its technical analysis of the attacks would enable antivirus programs to begin detecting the variants soon. US-CERT encouraged merchants to reduce exposure to Backoff by locking out user accounts after several failed login attempts, using firewalls to restrict access and requiring more complex passwords for user access.
Last year’s high-profile data breach of retail giant Target is believed to have been the result of a remote access-based attack. In that case, cybercriminals are thought to have used a vendor’s credentials to infect the retailer’s POS systems with malware, enabling the thieves to access the data of nearly 70 million payment cards, according to the company.
See related stories: