Hackers using sophisticated malware to compromise retailers this holiday season

Hackers today are more savvy than ever before, and that's not good news for retailers this holiday season. Maria Noboa, technical analyst at iSight Partners recently weighed in on new "highly sophisticated" malware hackers are deploying to stay hidden but remain firmly in control of company's operating systems. Noboa's team was the first to discover the new type of malware.

"This is by far most the most sophisticated point of sale malware we've seen to date," said Noboa. "They have such great in-depth understanding of operational security measures, evading detection and the mitigation techniques used."

The malware, which runs close to a computer's operating systems, is extremely hard to detect and very flexible in how it attacks. It has multiple attack routes and can target unique aspects of a retailer's POS systems, using keylogger, POS scrapper and uploader/downloader modules. Stephen Ward, marketing director at iSight said the company has found "three [modules] right now" but they are "sure there are more out there."

The keylogger module records and stores keyboard strokes, the uploader-downloader connects the infected machine with the hacker or remote servers and the POS scraper steals credit card information from a retailers operating system.

Ward, Noboa and other officials believe the Malware may have originated from European Europe. What is certain, however, is that it's been lingering around the web since 2012.

If you want to better prepare for the holiday season, look into using new credit card processing software such as that provided by 911 Software.

Scroll to Top