In a recent cybersecurity alert, the U.S. Department of Homeland Security (DHS) revealed that more than 1,000 U.S. enterprise networks and businesses have been attacked by a point-of-sale malware infection called “Backoff.”
Typically, this kind of malware captures card information when a card is swiped for payment. Backoff is primarily capable of scraping memory for track data, command-and-control (C2) communication, logging keystrokes, and injecting a malicious stub into explorer.exe. The code injected into Windows Explorer also lets the malware be re-launched if it crashes or is forcibly stopped.
In the alert, DHS added that Backoff first appeared in October of last year, and that over the past year measures have been taken for businesses whose point-of-sale systems were compromised by Backoff.
The U.S. Computer Emergency Readiness Team (US-CERT), a division of Homeland Security, also said that cybercriminals have been using “brute-force” techniques to install the malware on point-of-sale systems equipped with remote desktop applications, such as Apple Remote Desktop, Chrome Remote Desktop, Microsoft Remote Desktop and LogMeIn.
Also, US-CERT stated that “The impact of a compromised point-of-sale system can affect both the businesses and consumer by exposing customer data such as names, mailing addresses, credit/debit card numbers, phone numbers, and e-mail addresses to criminal elements. These breaches can impact a business’ brand and reputation, while consumers’ information can be used to make fraudulent purchases or risk compromise of bank accounts.”
To keep this malware out of your systems, tighten your company’s IT policies, upgrade your antivirus, and check whether your point-of-sale system is vulnerable.
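As an added example (not part of the alert or of any US-CERT tooling), here is one way to check a point-of-sale host's logon history for the brute-force pattern described above: a burst of failed logons from one address, optionally followed by a successful Remote Desktop session. It assumes Microsoft Remote Desktop on Windows, with Security log events 4625 (failed logon) and 4624 (successful logon) already exported as tuples; the sample records, addresses, threshold and window are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS = 4625, 4624         # Windows Security log: failed / successful logon
REMOTE_INTERACTIVE, NETWORK = 10, 3  # logon types recorded for Remote Desktop attempts

def _at(hhmmss):
    """Timestamp on a constructed sample day."""
    return datetime.fromisoformat("2024-01-01T" + hhmmss)

# Constructed sample records: (time, event ID, logon type, source address).
# Addresses come from documentation ranges; none of this is from a real log.
SAMPLE_EVENTS = (
    [(_at(f"02:0{i // 3}:{(i % 3) * 20:02d}"), FAILED, NETWORK, "203.0.113.7")
     for i in range(6)]                                   # six failures in 100 seconds
    + [(_at("02:02:00"), SUCCESS, REMOTE_INTERACTIVE, "203.0.113.7")]
    + [(_at("09:00:00"), FAILED, REMOTE_INTERACTIVE, "198.51.100.20"),  # one typo,
       (_at("09:00:30"), SUCCESS, REMOTE_INTERACTIVE, "198.51.100.20")]  # then success
    + [(_at(f"{h:02d}:00:00"), FAILED, NETWORK, "192.0.2.50")
       for h in (1, 3, 5, 7, 11)]                         # failures hours apart
)

def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Return (source, finding, time) tuples for failed-logon bursts and for
    Remote Desktop logons that succeed right after such a burst."""
    recent = defaultdict(deque)  # source -> times of failures inside the window
    findings = []
    for ts, event_id, logon_type, src in sorted(events):
        fails = recent[src]
        while fails and ts - fails[0] > window:  # forget failures older than the window
            fails.popleft()
        if event_id == FAILED and logon_type in (NETWORK, REMOTE_INTERACTIVE):
            fails.append(ts)
            if len(fails) == threshold:          # report each burst once
                findings.append((src, "failed_logon_burst", ts.isoformat()))
        elif event_id == SUCCESS and logon_type == REMOTE_INTERACTIVE:
            if len(fails) >= threshold:          # a guess may have worked
                findings.append((src, "success_after_burst", ts.isoformat()))
            fails.clear()
    return findings

if __name__ == "__main__":
    for finding in detect_rdp_bruteforce(SAMPLE_EVENTS):
        print(finding)
```

A `success_after_burst` finding is the one to escalate first, since it means a session was opened from an address that had just been guessing passwords.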