New DMSniff POS malware targets SMBs
The threat intelligence company Flashpoint in its new research discusses a point-of-sale (POS) malicious program that seems to be proliferating widely while there's one resiliency tactic it applies having learnt from botnet herders.
Dubbed DMSniff, the POS malware, says Flashpoint, targets SMBs (small-and-medium sized businesses) belonging to sectors namely entertainment and restaurant. These sectors physically handle customers' credit and debit cards for settling purchases. Since the cards are placed inside POS devices, crooks attack the devices through malware that scrapes memory and so is called RAM scrapers. During some recent years there have been instances of POS malware attacking Home Depot, Target among others, all large businesses. These attacks have given rise to awareness related to security loopholes within payment processing devices. The DMSniff perpetrator, while not any fresher in stealing from POS systems, in fact is a skilled hacker presenting 2 likewise tools namely DiamondFox and GlitchPOS. Point-of-Sale payment terminals don't yet have the necessary standard of protection, while there's an artificial feeling of security among both the businesses as well as their customers.
Chief threat researchers Joshua Platt and Jason Reaves write that POS malware plague the hospitality and food service industries even now because these businesses continue to use unsupported systems. Here, with card-based transactions as key, cyber-criminals attack the vulnerable devices in use, unabated, explain the researchers. www.bankinfosecurity.com posted this dated March 14, 2019.
According to security researchers from Talos, a few devious persons practicing the POS-based thefts have forcibly claimed ownership of the DMSniff POS malicious program after which they tried trading it at a still higher price. Talos, citing natural deception in this form of crime-ware, states that 'edbitss' was observed developing such malware strains for years despite cyber-security companies publicly cautioning about them. The developer let DiamondFox turn onto one fresh project attacking POS devices. The tool was put for sale just weeks back, and it's still not known what number of buyers it had alternatively how many utilized it. Further, GlitchPOS fully built is pried USD250 while the builder creating the malware is for USD600 and it takes USD80 to buy one changed gate address.
» SPAMfighter News - 3/19/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!