Retail breaches at the point of sale have security vendors scrambling to better understand the situation ahead of the holiday shopping season.
A recent post on eWeek.com looks at one report, issued by Cyphort, which analyzes some of the main culprits of point of sale malware.
As the only full-service point of sale provider — from software development to franchise incubator to ongoing support — part of Sintel’s commitment to our customers and business community is to share relevant ideas, information and industry news.
Here are the highlights of Sean Michael Kerner’s eWeek.com post, “New Report Analyzes Point of Sale Malware”:
• Last year's point of sale (POS) breach at Home Depot impacted 56 million credit cards and 53 million email accounts. Dr. Fengmin Gong, co-founder and chief architect at Cyphort, suspects that the malware behind the Home Depot breach is one known as FrameworkPOS, though there is reason for some doubt.
• “Cyphort does not have a sample in hand with proper chain of custody to link to Home Depot,” Gong tells eWEEK. “We believe it to be FrameworkPOS based on our analyses of all POS samples we do have and other research reports in the community.”
• Gong notes that it is possible that the malware that hit Home Depot is a variant of Backoff. The focus of Cyphort is more on the behavior of the various point of sale malware families than on which one was used in a particular breach, he tells eWeek.
• Kerner writes that the Backoff malware family was first publicly disclosed by the United States Secret Service in July of 2014 and that at least 1,000 retailers have been impacted by its variants.
• Cyphort has also analyzed a malware family known as BlackPOS, which the company believes was behind the Target breach in November 2013. In the Target attack, 70 million customers were impacted, and the retailer has said that it will take a $148 million charge to cover related expenses.
• Cyphort found that the characteristic most common to Backoff, FrameworkPOS and BlackPOS was the capability to harvest credit card information by scraping memory on the POS machines. Backoff sets itself apart from FrameworkPOS and BlackPOS in many aspects of its sophistication and capability, Gong tells eWeek.
• Ryan Merritt, lead security researcher with security vendor Trustwave, explained to eWEEK that all of the POS malware families scrape running memory to pull out credit card numbers as they are being processed. The U.S. Secret Service credits Trustwave with helping to initially discover the Backoff malware.
• “The main functionality is quite similar. Some even argued that BlackPOS and FrameworkPOS were the same family,” Merritt said. “But the biggest differences typically are in how the malware handles maintaining its own persistence on the victim system, and if it handles the exfiltration of the compromised card data.”
• The POS malware families all have multiple variants. According to Merritt, Backoff has more than 10 discovered variants at this point.
Read the full eWeek.com post here.
For more insights into point of sale security, check out our related posts, Criminals Hit Their Target, 40 Million Cards Affected, U.S., Canada And Others Hit By POS Infections, P.F. Chang’s China Bistro Gets Targeted, Safer Consumer Transactions May Be In The Cards, Secure Your Payments, Or Pay The Piper, Breaking Point Of Sale, and Best Practices For Securing The Point Of Sale.
Just as Sintel shares our vast point of sale experience and expertise with startup owners in order to help them make the best decisions from the very beginning, we are happy to share articles, advice and commentary about retail point of sale and security.
Whether you’re a first-time franchise hopeful, a small business owner or an established chain, it’s always smart to stay on top of the latest point of sale security best practices to achieve financial success.
If you are interested in learning more about Sintel’s point of sale systems and how our knowledge and support can impact your future success, call us for a complimentary phone consultation.