The U.S. Department of Homeland Security (DHS) has warned enterprises of new point-of-sale (POS) malware, code-named “Backoff”, that could infiltrate retail computer systems.
The advisory, issued by the U.S. Secret Service and DHS, described hackers using scanning tools to infiltrate businesses that use remote applications. The malware has been detected three times since 2013 and still exists today. The U.S. Computer Emergency Team mentioned that “Backoff” mostly goes undetected, with low to zero detection rates in anti-virus applications. DHS investigations noted that three retailers have been infected with the “Backoff” malware.
The U.S. Department of Homeland Security stated:
“The malware variants have low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious.”
The POS malware has four common capabilities: capturing track data, keystroke logging, command-and-control (C&C) server communication, and infecting explorer.exe files. After infiltrating the remote networks, hackers are able to steal credit card information, which eventually reaches the cyber criminals after the data is sent through the C&C center. Recently, a major attack at the Target retail store was caused by POS malware.
The DHS has issued a 10-point advisory with tips for defending against the attack, and mentions that the POS malware could also reveal consumers' addresses and numbers, which might be used for fraudulent purposes. The DHS advised the use of point-to-point encryption systems and smartcards for securing data from hackers. Businesses have been informed of several security measures to take in case of remote access attacks.