If you think there has been a rise in point-of-sale malware lately, you are not imagining things.
In a new paper released today, Trend Micro examines the continued growth of point-of-sale (PoS) malware. According to Trend Micro, six new pieces of point-of-sale (PoS) malware have been identified so far in 2014. Four of these six variants were discovered between June and August: Backoff, BlackPOS version 2, BrutPoS and Soraya.
“Ever since the Target data breach came into the limelight, there has been a constant stream merchants/retailers publicly disclosing data breach incidents,” blogged Numaan Huq, senior threat researcher at Trend Micro. “These data breaches typically involve credit card data theft using PoS RAM scrapers.”
“The earliest evidence of PoS RAM scraping was in Visa’s Data Security Alert issued on October 2, 2008,” Huq blogged. “Back then, cybercriminals attempted to install debugging tools on PoS systems to dump Tracks 1 and 2 credit card data from RAM. In 2009, Verizon also reported of PoS RAM scrapers alongside its victim profiles; targets were primarily the retail and hospitality industries.”
PoS RAM scraper families really started to evolve around the end of 2011, and there has been a steady release of new PoS RAM scraper families as new attack techniques were developed, he added.
Businesses in the United States have been the biggest targets of PoS malware. According to Trend Micro, roughly 74 percent of PoS malware detections between April and June have been in the U.S. The Philippines and Japan were second and third on the list at 4.62 percent and 4.41 percent, respectively. The retail industry was the hardest hit, accounting for 67.51 percent of PoS malware detections.
“It is not surprising that the largest volume of detections was seen in the United States because the country’s economy is heavily geared toward purchasing goods and services using credit cards,” the report notes. “Consumers in other countries still tend to use cash or debit cards more than credit cards. The high volume of credit card transactions that companies process in the United States makes it a lucrative target for PoS RAM scrapers.”
The report recommends PoS system operators follow best practices for security, including the use of multitier firewalls to protect networks and restricting access to the Internet on PoS systems.
“Credit card data breaches are not slowing down any time soon, and cybercriminals have different techniques to target all industries,” said Jon Clay, senior manager of global threat communications at Trend Micro.
“However, our research has revealed that a high majority of PoS RAM scrapers affect the retail industry since these businesses have high credit card transaction volumes,” Clay said. “Therefore, it is imperative, now more than ever, that retailers must be on the lookout for these types of data breaches and put preventative measure in place to verify the authenticity of all transactions.”
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
