Just when we thought retail POS systems had become more secure from cybercriminals, we are learning that may not be the case. Cyber security software developer, FireEye, is reporting that many types of malware are still being found on merchants’ payments processing systems.
Cybercriminals are redoubling efforts to steal payment card details from retailers before new defenses are put in place, according to FireEye. More than a dozen types of malware were found last year that target point-of-sale systems, the electronic cash registers the process payments at many retailers.
Over the last few years, hackers have successfully breached the systems, targeting weaknesses or software vulnerabilities in order to extract card details to sell on the black market.
Major retailers affected by card breaches in the last few years, including Target, have upgraded their systems. But the cost and long delays in getting new systems certified have delayed the transition, leaving a windows for cybercriminals.
Nart Villeneuve, a senior threat intelligence researcher with FireEye, wrote on Monday that more than a dozen malware families that target POS systems were found last year.
“Criminals appear to be racing to infected POS systems in the United States before U.S. retailers complete this transition,” Villeneuve wrote.
In response, card issuers and banks have improved their ability to identify and block potentially fraudulent transactions. But the potential windfall has criminals working overtime.
Villeneuve described a new type of POS malware called Treasurehunt, which steals payment card data from a computer’s memory.
“In a typical scenario, Treasurehunt would be implanted on a POS system through the use of previously stolen credentials or through brute forcing common passwords that allow access to poorly secured POS systems,” he wrote.
Both the EMV transition and card-not-present issues may have distracted us from the payments security risks still present in merchants’ point-of-sale systems. Those risks have not gone away despite more sophisticated cyber security measures. Not surprisingly, the malware has become smarter too, and fraudsters will typically gravitate to mass retailers’ credit card databases—because that’s where the money is.
Overview by Raymond Pucci, Associate Director, Research Service at Mercator Advisory Group
Read the full story here