Small and Medium-sized Businesses (SMBs) proved lucrative and easy point-of-sale (POS) malware attack targets this quarter across the world, according to a report.
According to a Trend Labs report, SMBs' had suffered the most with POS malware accounting for 45 per cent.
Malware attacks in Point-of-Sale has been there for a while but most interesting is that cybercriminals have shifted from using targeted-attacking format to traditional mass-infection tools like spam, botnets, and exploit kits.
"Attackers went after as many vulnerable POS devices
as possible in hopes of hitting the jackpot. They relied on tried-and-tested tactics like spamming as well as tools like macro malware, exploit kits, and botnets. They must have done something right because the POS malware detection volume grew 66 per cent. SMBs, which had poorer protections in place compared with large enterprises, suffered most," according to TrendLabs' press release, which further said, "This could be due to the extensive customer databases they keep with minimal to non existent security. We'll likely see more of such attacks in the future."
The slow adoption of next-generation payment technologies like the Europay, MasterCard, and Visa (EMV) and contactless Radio-Frequency-Identification (RFID)-enabled credit cards, mobile wallets (Apple Pay and Android Pay), and new payment-processing architectures could also adversely affect the security landscape, the report said.
A POS random access memory (RAM) scraper made its way into devices aided by the Angler Exploit Kit,which is known for using malvertisements and compromised sites as infection vector.
Kasidet or Neutrino malware began sporting POS-RAM-scraping capabilities this quarter. Kasidet, a commercially available builder, is known for its use in DDOS attacks, hits into POS systems via malware-laced spam. As a result, its latest iteration accounted for 12 per cent of this quarter's total POS malware detection volume.
This July, a new GamaPOS variant spread mayhem with the help of the Andromeda botnet and the "dynamite or blast fishing" approach. Blast fishing is the practice of using explosives to stun or kill schools of fish for easy collection. Attackers spammed practically every address they could get their hands on in hopes that the malware would make their way to PoS systems
. Their emails came with macro malware attachments or links pointing to compromised websites.