So, did you know about Backoff Point-of-Sale Malware? If you did, how much did you know about it and what steps have you been taking to combat a possible threat?
POS Hack: In vogue…
Point-of-Sale (POS) hack ranks high in the world of cybercrime. It’s most persisitent and highly successful and individuals as well as organised syndicates have been using it very effectively to steal credit card data and other personal data. Cybercriminals are vying with one another to steal critical data from retailers and thereby rob people of their money. Different types of malware have been found and anti-malware softwares too are in circulation, to combat these attacks.
Backoff Point-of-Sale Malware: An Introduction
It was about a couple of years ago, in July 2014, that the US Department of Homeland Security, in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), issued an alert about a new strain of malware, dubbed ‘Backoff’. The release stated- “The purpose of this release is to provide relevant and actionable technical indicators for network defense against the PoS malware dubbed “Backoff” which has been discovered exploiting businesses’ administrator accounts remotely and exfiltrating consumer payment data”.
What it is? How it works?
This malware, as per the alert issued by the Department of Homeland Security, was seen to be existing as three different variants and was there “as far back as October 2013”. The malware enables cybercriminals to scrap memory for track data, log keystrokes, command and control (C2) communication and inject malicious stub into explorer.exe. The advisory prepared by the Department of Homeland Security gives this explanation- “The malicious stub that is injected into explorer.exe is responsible for persistence in the event the malicious executable crashes or is forcefully stopped. The malware is responsible for scraping memory from running processes on the victim machine and searching for track data. Keylogging functionality is also present in most recent variants of “Backoff”. Additionally, the malware has a C2 component that is responsible for uploading discovered data, updating the malware, downloading/executing further malware, and uninstalling the malware.”
The ultimate effect obviously is upon the consumer whose personal data and eventually hard-earned money gets stolen. At the same time businesses too bear the brunt of the attack. Their brand and reputation get affected and things go out of control for them, eventually leading to great falls.
Combating Backoff Malware
The following things can be done to mitigate risks to businesses as well as to individual consumers…
These and certain other steps can be taken to minimise risks that can be caused by the Backoff Malware.