Cloud POS malware discovered

There are many companies that have adopted a cloud-based point of sale solution. This has helped organizations improve overall operations, add mobile cash registers and improve reporting by integrating multiple systems into a single platform. However, there are still security concerns that can affect this kind of approach.

According to a recent article from SC Magazine, a new unique piece of malware has been discovered that is specifically targeting cloud-based POS systems. Known as POSCLOUD.Backdoor/Agent, it is affecting software systems that are typically deployed by smaller companies that work on the systems like Internet Explorer, Safari and Google Chrome.

The malicious software uses keylogging and stealth screenshot grabbing to monitor data flow and steal information. According to an interview with IntelCrawler CEO Andrew Komarov, this is a different process that other POS attacks like Dexter that used RAM-scraping to compromise information.

"We identified it right after a pretty big botnet takedown and think that it was developed specially by cyber criminals in private [circles] to attack cloud-based environments, and hunt for IDs and customer data, including credit cards," Komarov told the news source, adding the information is then sold on underground marketplaces to identity thieves.

He went on to say that a wide array of POS systems could find themselves compromised. Because these systems are no longer a niche, the target on their back is getting larger. This means organizations need to start being extra vigilant when it comes to finding the right business solution to handle customer payment and personal information and keep it safe from the new age of robbers.

Scroll to Top