New malware infects POS systems of nearly 600 businesses

Many retailers have been upgrading their POS solutions as a way to improve overall operations. This helps capture more transactions and customer information that comes through the door. However, as with any new technology, there are security concerns, and when it focuses on money this is even more of a concern.

According to a recent article from CSO, the United States Secret Service and Trustwave have announced a series of attacks in the retail sector where POS systems have been attacked by a custom piece of malware called Backoff that criminals installed after targeting vulnerable remote access points. Once installed, the malware gathers credit card data, customer and employee names and addresses, logs keystrokes and communications with an outside server for additional instructions.

Karl Sigler, the Threat Intelligence Manager at Trustwave, is quoted in the piece and said that these attacks have occurred since October 2013. Since being discovered and investigated over the last month, the company was able to identify nearly 600 businesses that were the victims of the Backoff and three variations of the software have been uncovered.

"We are currently working on four investigations alone – all in which criminals broke into point-of-sale systems by using stolen credentials to log in through remote access software. The malware then sits on the system, gathers the credit card numbers, encrypts the information and sends it out to servers owned by the criminals," Sigler said.

The POS system is always going to be a target for criminals. Organizations need to make sure their credit card payment software is secure and up to the challenge of new threats.

Scroll to Top