{"id":578,"date":"2015-05-06T12:00:09","date_gmt":"2015-05-06T19:00:09","guid":{"rendered":"http:\/\/sintelsystemspos.com\/?p=578"},"modified":"2015-05-05T09:52:33","modified_gmt":"2015-05-05T16:52:33","slug":"backoff-tracking-memory-taking-credit","status":"publish","type":"post","link":"https:\/\/sintelsystemspos.com\/de\/backoff-tracking-memory-taking-credit\/","title":{"rendered":"„Backoff“ Tracking Memory, Taking Credit"},"content":{"rendered":"

\"Computer<\/a>News has arrived of „Backoff,“ another point of sale (POS) malware now plaguing retailers.<\/span><\/p>\n

In an Arstechnica.com post, „Stealthy New Malware Snatching Credit Cards From Retailers\u2019 POS Systems,“ Backoff is described as a variant of the malware installed on point of sale systems that was used in a series of recent attacks by cyber criminals.\u00a0<\/span><\/p>\n

The post notes that the malware scrapes credit card data out of the infected computer\u2019s memory, one characteristic it shares with Target\u2019s point of sale systems\u00a0attack last year.<\/span><\/p>\n

As the only full-service point of sale provider \u2014 from software development to franchise incubator to ongoing support \u2014 part of Sintel’s commitment to our customers and business community is to share relevant ideas, information and industry news.\u00a0<\/span><\/p>\n

Here are the highlights of the Arstechnica.com post:<\/span><\/p>\n

\u2022 The initial alert was given by the U.S. Computer Emergency Response Team (CERT), in cooperation with the Secret Service and researchers at Trustwave\u2019s Spiderlabs. Backoff was discovered installed on point-of-sale systems used in a series of recent attacks by cyber criminals.<\/span><\/p>\n

\u2022 Before Backoff’s discovery, researchers found it had a „zero percent detection rate“ on commercial antivirus products.<\/span><\/p>\n

\u2022 Malware such as Backoff is used to collect credit cards and other transaction data taken from point of sale machines, a big target for hackers. The data is then resold or used to create fraudulent credit cards.<\/span><\/p>\n

\u2022 The researchers also said the Backoff-based attacks were reminiscent of the 2011 Subway franchise attacks, a case where hackers used remote desktop software left active on the machines to gain entry, either by brute-force password attacks or by taking advantage of a default password, and then installing the malware on the hacked system.<\/span><\/p>\n

\u2022 Among Backoff’s specific technical aspects noted by CERT in the Arstechnica.com post are:<\/p>\n

– Backoff is Windows-specific malware that runs in the background watching memory for „track“ data from credit card swipes.<\/span><\/p>\n

– Backoff also runs a keylogger, recording the infected machine’s keyboard keystrokes, which may be further analyzed.<\/p>\n

– Backoff also installs a malicious stub in Windows Explorer that allows it to reload the in-memory component if it crashes.<\/p>\n

– Backoff communicates with the criminals\u2019 command and control network to send home captured credit card data as well as check for malware updates.<\/p>\n

\u2022 „Because of the way that it has been used thus far, Backoff is likely more of a threat to smaller retailers and franchises, who commonly use remote desktop software to allow business managers to connect in from another store or\u00a0allow remote software support,“ writes Arstechnica.com. „But it could be used on a larger scale in the hands of a more sophisticated cybercrime ring.“<\/span><\/p>\n

Read the full ArsTechnica.com post here<\/span><\/a>.<\/span><\/p>\n

For more insights into point of sale security, check out our related posts,\u00a0Criminals Hit Their Target, 40 Million Cards Affected<\/span><\/a>,\u00a0Target Hack Claims Its Final Victim<\/span><\/a>, EMV Technology Chips Away at Credit Card Fraud<\/span><\/a>, and Target Acquisition<\/span><\/a>.<\/span><\/p>\n

Just as Sintel shares our vast point of sale experience and expertise with startup owners in order to help them make the best decisions from the very beginning, we are happy to share articles, advice and commentary about retail point of sale and security.<\/span><\/p>\n

Whether you’re a first-time franchise hopeful, a small business owner or an established chain, it’s always smart to stay on top of the latest POS best security practices to achieve financial success.<\/span><\/p>\n

If you are interested in learning more about Sintel\u2019s point of sale systems and how our knowledge and support can impact your future success, call us for a complimentary phone consultation.<\/span><\/p>\n

Sintel Systems<\/a><\/span>\u00a0is the only direct to end user full-service provider of tailored Point of Sale systems across retail, restaurant and service industries, including\u00a0frozen yogurt shops<\/span><\/a>,\u00a0pizzerias<\/span><\/a>,\u00a0sushi restaurants<\/span><\/a>,\u00a0caf\u00e9s<\/span><\/a>\u00a0and\u00a0retail stores<\/span><\/a>.<\/span><\/p>\n

As a single source for business solutions, our experienced, knowledgeable team negotiates the complex POS landscape for you to enable you to find the right POS system for your business and budget.\u00a0Hardware<\/span><\/a>\u00a0–\u00a0Software<\/span><\/a>\u00a0–\u00a0Support<\/span><\/a><\/span><\/p>\n

Questions or Comments:\u00a0Contact us<\/span><\/a>\u00a0855-POS-SALES\u00a0www.SintelSystems.com<\/span><\/a><\/span>
\n<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

News has arrived of „Backoff,“ another point of sale (POS) malware now plaguing retailers. In an Arstechnica.com post, „Stealthy New Malware Snatching Credit Cards From Retailers\u2019 POS Systems,“ Backoff is described as a variant of the malware installed on point of sale systems that was used in a series of recent attacks by cyber criminals.\u00a0 […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":{"0":"post-578","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-uncategorized","7":"czr-hentry"},"_links":{"self":[{"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/posts\/578","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/comments?post=578"}],"version-history":[{"count":1,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/posts\/578\/revisions"}],"predecessor-version":[{"id":579,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/posts\/578\/revisions\/579"}],"wp:attachment":[{"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/media?parent=578"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/categories?post=578"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sintelsystemspos.com\/de\/wp-json\/wp\/v2\/tags?post=578"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}