AbaddonPOS malware preys on retail POS software
POS Software
ram@justransact.com
13-05-2016 00:00:00
AbaddonPOS malware preys on retail POS software

While Ransomware is garnering the majority of headlines these days, Point Of Sale (POS) malware is still a clear and present danger, according to researchers at Proofpoint.

 

In fact, the researchers report, cybercriminals are intensifying their efforts to exploit the rollout in the U.S. of chip-and-PIN cards by deploying malware as a vital tool for stolen credit card data and ill-gotten gain.

 

A new assault the firm has been tracking attempts to install TinyLoader and AbaddonPOS point-of-sale malware, which is delivered via an email campaign specifically geared to retail operations and which is highly personalized (the recipient's name appears in the message). 

 

Plus, the message contains a seductive lure, an image of a spinner one expects to see when content is loading. A message asks the recipient to enable content by clicking on it. Once a user clicks, the malicious macro is delivered.

 

At that point, various C&C servers are contacted which deliver a new, more evolved variant of AbaddonPOS, capable of testing various blacklist/whitelist implementations and changing methods in the way pilfered credit card data is siphoned.

 

The malware, the researchers say, is still under active development and they expect further email campaigns targeting POS systems to steal credit card data – despite improvements in PCI DSS compliance requirements. 

 

"Comprehensive email, network and endpoint protection – along with user education – remain the best ways to protect systems and customer data," the Proofpoint researchers conclude.

-K Ramanathan ram@justransact.com


No Comments Yet

Subscribe to comments feed

Leave a Reply

Your email address will not be published. Required fields are marked *

Let's Be Friends
Fb general logo Twitter icon Google Plus icon Youtube icon Pinterest Linkedin
Need help? Contact Us
cs@justransact.com (or) Call us: 1800 123 3010

×
©2013 - 2019 : View site: Desktop 22 years domain experience