Cyber security company "iSight" has discovered a new "most advanced" malware virus that can entrench itself so deeply into point-of-sale (POS) systems that it will be overlooked by most antivirus software.
Not only does the malware, named ModPOS, embed itself very deep within the architecture of computers, it also features high levels of encryption, which makes it even harder to identify ModPOS as malware.
ModPOS is able to gather the information that goes through checkout terminals, and is even able to record what is typed into the keypad of a POS system. The malware's modules extract the information from the memory of the POS systems and log the keystrokes. The collected data is then transmitted to the attackers' server.
The discovery of the new malware comes at the most appropriate time for the virus to wreak havoc on consumers, as the holiday shopping season is set to formally kick off with the rapidly-approaching Christmas shopping frenzy.
Retailers around the world are now on the hunt for the malware in their systems, hoping to avoid a similar massive data breach which affected large companies in 2013. The infamous Target data breach in the U.S. led to a settlement worth $10 million by the company to its affected customers.
The discovery of ModPOS was made by iSight last month. The company has since shared information on the virus to its clients and several companies. Included in the companies informed by iSight regarding the dangers of ModPOS are retailers, hospitality firms and payment card processing corporations.
Some retail companies have said that they discovered digital proof that connected threat indicators that they had seen before to ModPOS, though this does not automatically mean that they were already victimized by it, according to Wendy Nather, the director of the Retail Cyber Intelligence Sharing Center (R-CISC).
The R-CISC is an industry group created this year to overcome the threat of hackers, whose attacks have become increasingly complicated over the years.