Your point of sale is under attack. In fact, POS attacks have been named one of the major threats in the annual Verizon Data Breach Investigations Report. They are a problem for organizations of all sizes, from Neiman Marcus to small businesses. If you're running payments through a POS system, you're at risk.
As a big money maker for hackers, Backoff malware is likely to remain a problem for POS systems. This malware is planted on retailer POS systems and scrapes the memory of running processes to collect consumer data. It works by leaving a copy of itself on the system and creating auto-run registry entries so that it keeps running and gathering data. New and more sophisticated versions of this malware are popping up all the time.
Protecting yourself from Backoff malware
Although new versions of the malware are getting harder to detect all the time, you are not completely defenseless.
- Do not rely on anti-virus to catch this quickly changing threat. Run your own malware scanning with pattern-matching tools.
- It's easy to miss legitimate alerts. To avoid false alarms when scanning for the malware, whitelist legitimate apps that might create alerts, and only receive alerts when a non-standard process wants to access another process's memory.
- Focus not only on preventing the malware from entering your system, but also on mitigating the risk once malware has entered your system.
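One way to apply the whitelisting advice in the second bullet, as an added example rather than code from the original article: it filters process-access events so that only a non-whitelisted program requesting memory-read rights on another process raises an alert. Field names follow Sysmon's ProcessAccess event (Event ID 10); the whitelist, paths and events are constructed for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

PROCESS_VM_READ = 0x0010  # Windows access right required to read another process's memory


def normalize(path):
    """Lower-case the path and collapse '..' so whitelist matching cannot be dodged by spelling."""
    return ntpath.normcase(ntpath.normpath(path))


# Hypothetical whitelist: full paths of programs expected to open other processes.
ALLOWLIST = {normalize(p) for p in (
    r"C:\Windows\System32\csrss.exe",
    r"C:\Program Files\AV Vendor\scanner.exe",
)}

# Constructed sample events (not taken from a real incident).
SAMPLE_EVENTS = [
    {"SourceImage": r"C:\WINDOWS\system32\csrss.exe",               # whitelisted, odd casing
     "TargetImage": r"C:\POS\pos_client.exe", "GrantedAccess": "0x1fffff"},
    {"SourceImage": r"C:\Users\clerk\AppData\Roaming\updater.exe",  # unknown, reads memory
     "TargetImage": r"C:\POS\pos_client.exe", "GrantedAccess": "0x1410"},
    {"SourceImage": r"C:\Program Files\AV Vendor\scanner.exe",      # whitelisted scanner
     "TargetImage": r"C:\POS\pos_client.exe", "GrantedAccess": "0x1010"},
    {"SourceImage": r"C:\Tools\inventory.exe",                      # unknown, query-only access
     "TargetImage": r"C:\POS\pos_client.exe", "GrantedAccess": "0x1000"},
    {"SourceImage": r"C:\Windows\System32\..\Temp\csrss.exe",       # trusted name, wrong folder
     "TargetImage": r"C:\POS\pos_client.exe", "GrantedAccess": "0x0010"},
]


def memory_read_alerts(events, allowlist=ALLOWLIST):
    """Return events where a non-whitelisted process requests read access to another's memory."""
    alerts = []
    for ev in events:
        if not int(ev["GrantedAccess"], 16) & PROCESS_VM_READ:
            continue  # no memory-read right requested
        source = normalize(ev["SourceImage"])
        if source == normalize(ev["TargetImage"]):
            continue  # a process opening itself is not cross-process access
        if source in allowlist:
            continue  # expected behaviour; suppress to keep alert volume low
        alerts.append(ev)
    return alerts


if __name__ == "__main__":
    for ev in memory_read_alerts(SAMPLE_EVENTS):
        print("ALERT:", ev["SourceImage"], "->", ev["TargetImage"], ev["GrantedAccess"])
```

Matching on the full normalized path rather than the file name is what catches the fifth event, a copy of a trusted name running from an unexpected folder.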
Human error: False sense of security
Being PCI compliant does not mean you're immune from successful POS attacks. Don't let PCI compliance lull you into a false sense of security. Neiman Marcus was compliant, yet hackers spent over 3 months in their system stealing customer data and even leaving clues all over the place about their presence. Watching for a hacker's trail and picking up on clues early is essential to protecting your POS.
Since it was publicly revealed in late July of last year, Backoff malware has hit more than 1,000 businesses. The likelihood of Backoff affecting your POS is so high that the U.S. Secret Service has issued an advisory warning against the threat. Be proactive against this threat.