background preloader

POS Malware and Breaches

Facebook Twitter

Trump Hotel sees a new Data Breach on the credit card system. 7th April 2016 | By SEO India Adding to the list of POS Security breaches in the hospitality industry, a fresh credit card breach has reportedly happened at TheTrump Hotel Collection, linked to businessman and presidential candidate Donald Trump.

Trump Hotel sees a new Data Breach on the credit card system

It’s a string of fraud on customer credit cards that has reportedly happened. This security breach is said to have happened in the course of the past two to three months at different Trump Hotel properties including the Trump International Hotel New York, Trump Hotel Waikiki in Honolulu and the Trump International Hotel & Tower in Toronto. Investigations are on and the final, confirmed picture is yet to emerge. If confirmed, this would be the second such security breach at the Trump Hotels Collection in less than a year. POS TreasureHunt Malware Target US Retailers. New Multigrain Malware steals Point of Sale Data Over DNS. 28th April 2016 | By Administrator A sophisticated malware, identified as “Multigrain,” has been found to steal payment card data from point-of-sale (POS) stations.

New Multigrain Malware steals Point of Sale Data Over DNS

When a team of researchers at FireEye recently discovered this new type of POS malware, they found out that it had overlapping traits of a previously-known, notorious POS malware known as NewposThings. However, the new variant uses advanced techniques to steal card data; it employs digital signature to specifically target POS security terminals and exfiltrates the stolen information over Domain Name System (DNS). Although Multigrain malware is novel in its approach, other malwares in the POS malware family such as FrameworkPOS and BernhardPOS have devised similar tactics to exploit POS security in the past.

Ideally, POS stations and other environments that handle sensitive data monitor, regulate or even block HTTP or FTP web traffic which, in an otherwise context, exfiltrate the data being processed. POS Malware hits Wendy's Restaurant with a Massive Data Breach. 24th May 2016 | By Administrator It was recently that the Pennsylvania-based First Choice Federal Credit Union filed a class-action suit against fast food chain Wendy’s over a data breach, alleging that the data breach that happened at Wendy’s earlier this year will cost card issuers hundreds of millions of dollars.

POS Malware hits Wendy's Restaurant with a Massive Data Breach

Though Wendy’s didn’t comment on the extent of losses that the point of sale security breach could have caused, they have now come up with the revelation that hundreds of restaurants run by the company were hacked in late 2015. Cyber security expert Brian Krebs had reported in his blog, as early as January this year about Credit Card Breach at Wendy’s. Krebs had said thus in his blog post, dated January 27, 2016, “Wendy’s, the nationwide chain of fast-food restaurants, says it is investigating claims of a possible credit card breach at some locations. New Improved ATM Skimer Malware More Dangerous than before. 25th May 2016 | By Administrator Sophisticated Skimer Malware Attacks ATMs Subtly Cyber criminals have unleashed a more sophisticated version of the Skimer ATM infector that threatens the security of ATMs .

New Improved ATM Skimer Malware More Dangerous than before

The Skimer malware was first detected in 2009 and it is making a comeback with more disastrous effects that demonstrate the advanced skills of the cyber criminals. The latest Skimer that has surfaced in 2016 is a Trojan backdoor malware that specifically targets bank ATMs. It, however, acts very subtly. The modus operandi of Skimer lies in the fact that it doesn’t activate unless it gets a control message prompt from its owner, which is why it remains highly undetected. Skimer in Action When cyber criminals decide to target an ATM , they inject the malware by manually inserting a tailor-made ATM card that contains a set of malicious scripts. Earlier Attacks by Skimer The Skimer was detected in numerous attacks between 2010 and 2013. How to Avoid Point of Sale Data Breaches Caused by POS Malware. How important is SSL Certificate to thwart SSL Sniffing.

20th June 2016 | By Administrator SSL certificates are now increasingly used to secure websites and prevent theft of sensitive personal data.

How important is SSL Certificate to thwart SSL Sniffing

The tech-savvy may very well know what SSL certificates are, but for non-technical people SSL certificates may seem rather unfamiliar. What’s SSL Certificate? SSL Certificate (Secure Sockets Layer Certificate) is used to make a website secure; this is done by ensuring that all communication that occurs between the user/web browser and website/web-server remains encrypted. To put it more simple, SSL Certificate ensures encryption and decryption of messages that are transmitted between a browser and a server. How does an SSL Certificate work? It all happens like a multi-step process When a browser attempts to connect to any SSL secured website, it first asks the web server to identify itself.The website responds by identifying itself with a copy of the SSL certificate.The browser checks the trust level of the SSL certificate.

FastPOS Malware Breaches and Delivers Credit Card Data Instantly. 24th June 2016 | By Administrator Here comes a new POS Malware, named the FastPOS Malware, which, as the name suggests strikes real fast.

FastPOS Malware Breaches and Delivers Credit Card Data Instantly

This POS Malware is fast in the sense that it snatches the credit card information fast and sends it instantly to the hackers. This new Point of Sale malware has been discovered by Trend Micro researchers. A recent post made in the Trend Micro blog, which gives details of the malware, says- “A newly discovered malware family hitting point-of-sale (PoS) systems has been found which emphasizes speed in how the information is stolen and sent back to attackers. We called this attack FastPOS, due to the speed and efficiency of its credit card theft capabilities. How POS malware works and ways to thwart attacks at POS terminals. New PunkeyPOS Malware Targets Windows Point of Sale Terminal.