Researchers find new point-of-sale malware called BlackPOS

Group-IB researchers believe the malware has already been used to compromise thousands of payment cards in the US

By Lucian Constantin, IDG News Service |  Security

The malware's author forgot to hide an active browser window where he was logged into Vkontakte -- a social networking site popular in Russian-speaking countries -- when recording the private demonstration video. This allowed the CERT-GIB researchers to gather more information about him and his associates, Komarov said.

The BlackPOS author uses the online alias "Richard Wagner" on Vkontakte and is the administrator of a social networking group whose members are linked to the Russian branch of Anonymous. The Group-IB researchers determined that the members of this group are under 23 years old and are selling DDoS (distributed denial of service) services with prices starting at US$2 per hour.

Companies should restrict remote access to their POS systems to a limited set of trusted IP (Internet Protocol) addresses and should make sure that all security patches are installed for the software running on them, Komarov said. All actions performed on such systems should be monitored, he said.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness