Malicious software also known as malware is software that steal sensitive information, interrupt computer operations and/or breach private computer systems. Malware can be any type malicious software – even the recent Flappy Bird fake android app. The majority of active malware however are generally worms or trojans instead of computer viruses or spyware.
The malware used in the recent breaches including Target breach are known as point of sale (POS) malware. These types of Malicious software specifically target point of sales systems are often used to steal credit and debit card data. Here are a few of the most common names of POS malware:
Specifically designed to bypass firewall software and record all data from credit and debit cards when swiped at an infected POS device. BlackPOS affects Windows based POS and breaches information between the card reader and the POS device. At this point, “track data” or data that can replicate a physical card is obtained by the malware and uploaded to a remote server using an FTP. More here.
This Trojan tool was used to compromise Target and other companies in a well-orchestrated operation now named Kaptoxa. The malware is a new variant of BlackPOS that was extremely customized to prevent detection from antivirus software. Trojan.POSRAM also identifies unencrypted track data when credit cards are processed at a POS terminal and extracts it.
The data is then stored on the point of sale system and then sends it over to an internal host in the compromised network where the cyber attackers can take the data using an FTP. More here.
As both these types of malware are not technically sophisticated it really supports the fact that retailers in Canada and the United States need to be extremely conscientious in protecting their credit card and networking ecosystem. Adhering to PCI-DSS prevents these disasters from happening.
Want PCI-DSS advice? Our experts can help you – contact us here.