These days, you can’t go into a store or mall without being asked to use a point of sale (PoS) system during checkout rather than an antiquated cash register. PoS systems are terribly convenient; some let you pay simply by touching the machine with your credit card or phone. However, they are not known for their security and, in fact, are infamously insecure. With PoS systems so ubiquitous and used daily, how do we protect ourselves from exposure to risk as operators and clients? In the Target breach of 2013, for example, the personal information of approximately 70 million customers was stolen during the holiday season due to the introduction of the BlackPoS malware variant.
Figure 1: Advertisement for BlackPOS on a Russian forum in 2015
Notable and recent examples of breaches related to PoS malware include the United Parcel Service, where the BackOff PoS malware variant was observed, the cases associated with CherryPicker and AbaddonPOS, and most recently the case of Hyatt hotels. In November 2015, iSIGHT Partners began warning retailers of what it called the most sophisticated piece of PoS malware that it had ever seen. According to iSIGHT, ModPOS, which they believe has been active since 2013, is far more capable than many of its peers in that it goes well beyond typical banking card scraping. Our research corroborates the timeframes noted in earlier reports with respect to ModPOS being discussed in the underground. ModPOS has already breached several U.S. retailers, and the code itself is modular, meaning that it contains modules such as:
So what can retailers do to protect themselves and their customers from PoS malware, such as ModPOS? To begin with, retailers can:
There are many ways in which retailers can protect themselves from PoS malware, just as there are many ways in which they can protect themselves from other forms of malicious code and content. Putting these practices and technologies in place, with solid teams operating strong programmatic elements, is key to successfully mitigating this type of risk for organizations and their clients.