According to a new report released by the US Department of Homeland Security on Thursday, hackers are now using malware to steal consumer payment information through point-of-sale systems. In fact, one particular malware program called Backoff may have already affected as many as 600 businesses.
Malware like Backoff and its lesser-known relative BrutPOS break in through remote desktop applications that allow remote users like independent contractors and telecommuting employees to connect to a company’s computer network. From there, hackers can infect the POS systems of retailers and similar businesses, and fire passwords at the systems until they gain entry.
When Backoff was discovered and analyzed, these malware programs weren’t being detected by anti-virus programs, even on computers with fully updated virus definitions. The first variations were discovered in October 2013. Since then, the malware has been identified in three separate cyberattacks and spawned several new versions, though the DHS report didn’t name the targeted organizations.
The report was prepared with the assistance of the National Cybersecurity and Communications Integration Center, the US Secret Service, the Financial Services Information Sharing and Analysis Center and a Chicago-based cyber security company called Trustwave.
Karl Sigler, the threat security manager at Trustwave, says that Backoff is an entirely new malware program that’s difficult to detect and has come out with new variations as recently as May.
Fortunately, the DHS reports that with news of the malware becoming increasingly prevalent, anti-virus software companies should be able to release updates that detect programs like Backoff soon.
Until these updates are released, retailers and other businesses that use POS software are encouraged to protect themselves and their customers. Following best cyber security practices is crucial. Companies should use more secure passwords, implement two-factor authentication systems and watch out for unusual IP addresses and traffic on their networks.
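As an added illustration of the monitoring advice above (not code from the DHS report or from this article), the following Python example scans remote-login records for a source address that fails many logons in a short window and then succeeds. The log format, the threshold, the window and the sample records are all assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real data): timestamp,source_ip,account,result
SAMPLE_LOG = """\
2024-01-15T02:14:01,203.0.113.50,admin,FAIL
2024-01-15T02:14:03,203.0.113.50,administrator,FAIL
2024-01-15T02:14:05,203.0.113.50,pos,FAIL
2024-01-15T02:14:08,203.0.113.50,pos1,FAIL
2024-01-15T02:14:10,203.0.113.50,backup,FAIL
2024-01-15T02:14:12,203.0.113.50,manager,FAIL
2024-01-15T02:14:15,203.0.113.50,manager,OK
2024-01-15T09:01:20,198.51.100.7,jsmith,FAIL
2024-01-15T09:01:41,198.51.100.7,jsmith,FAIL
2024-01-15T09:02:02,198.51.100.7,jsmith,OK
"""

WINDOW = timedelta(minutes=5)   # assumed look-back window
MAX_FAILURES = 5                # assumed alert threshold

def parse(log_text):
    """Yield (timestamp, source_ip, account, result) from the assumed CSV format."""
    for line in log_text.strip().splitlines():
        ts, ip, account, result = line.split(",")
        yield datetime.fromisoformat(ts), ip, account, result

def find_guessing(log_text, window=WINDOW, max_failures=MAX_FAILURES):
    """Return {ip: {"failures": n, "logged_in_as": [...]}} for sources that
    reach max_failures failed logons inside the window."""
    recent = defaultdict(list)  # ip -> failure timestamps still inside the window
    alerts = {}
    for ts, ip, account, result in sorted(parse(log_text)):
        fails = recent[ip] = [t for t in recent[ip] if ts - t <= window]
        if result == "FAIL":
            fails.append(ts)
            if len(fails) >= max_failures:
                entry = alerts.setdefault(ip, {"failures": 0, "logged_in_as": []})
                entry["failures"] = max(entry["failures"], len(fails))
        elif result == "OK" and ip in alerts:
            # A success from an already-flagged source is the highest-priority event.
            alerts[ip]["logged_in_as"].append(account)
    return alerts

if __name__ == "__main__":
    for ip, info in find_guessing(SAMPLE_LOG).items():
        print(ip, info)
```

A flagged source with a non-empty `logged_in_as` list means the guessing ended in a successful logon, so that account's password should be reset and the session investigated first.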
Retailers also shouldn’t make the assumption that security lies in the hands of their POS provider. Even state-of-the-art security systems can be bypassed via inadequate password protection.
Consumers should also be attentive to their passwords and use secure computers at home to check bank and payment statements. Any unusual transactions should raise major red flags.
Consumers should take similar precautions, said Thomas Holt, associate professor with the School of Criminal Justice at Michigan State University. They should use a secure home computer to, for example, regularly check their bank and payment statements to spot problems as soon as they happen.