
New GamaPoS Malware Distributed through Andromeda Botnet

According to security company Trend Micro, cybercriminals are targeting point-of-sale (PoS) computers with their new GamaPoS malware, which digs into computer memory and is being distributed via Andromeda, a massive botnet that has existed since 2011.

Attackers have long infected PoS devices by guessing or stealing credentials that give remote access. The large number of PoS hacks over the past few years has led several companies to adopt security measures for their remote-access processes. Consequently, cybercriminals no longer find this attack vector lucrative enough.

This is perhaps why the gang behind GamaPoS uses a different tactic. Rather than attacking point-of-sale devices directly over the Internet, the perpetrators reach them through organizations' trusted internal networks.

The attacks begin with spam emails that carry the malware and pose as containing documents that comply with the Payment Card Industry Data Security Standard (PCI DSS), or software updates essential for protecting computers against the recently discovered malware MalumPoS. The attachments contain malicious macros that plant a backdoor for delivering GamaPoS.

Trend Micro states that this means the attack runs a single spam campaign to spread Andromeda backdoors, infects PCs with the PoS malware, and then expects to capture target PoS devices out of the sheer volume of infections. By rough estimate, GamaPoS may have hit only 3.8% of the systems affected by Andromeda, the security company adds. Securityaffairs.com published this on July 17, 2015.

Trend Micro's researchers further found that the attackers used the backdoor to download tools with which other computers on the affected networks could be compromised, followed by lateral movement.

The malware reportedly infected computers in various industries, such as consumer electronics, online retail and home healthcare. Several organizations in the USA and a few in Canada's Vancouver province may also have been affected.

Enterprises that use payment cards such as Maestro and Discover risk losing their customers' sensitive information, the researchers caution, recommending deployment of proper spam filters that scan attachments for malware.
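The attachment scanning recommended above can be sketched as a mail-gateway check that flags Office attachments carrying a VBA macro project. This is an added example, not code from Trend Micro or from this article; the function names, the addresses and the sample message are constructed, and the OLE2 test is a byte-pattern heuristic rather than a full parser.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # legacy .doc/.xls/.ppt container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # OLE2 directory names are UTF-16LE

def needs_quarantine(data: bytes) -> bool:
    """Heuristic: does this attachment payload carry a VBA macro project?"""
    if data.startswith(OLE2_MAGIC):
        return VBA_STREAM in data
    if data.startswith(b"PK"):                   # OOXML (.docx/.docm/.xlsm) is a zip
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
        except zipfile.BadZipFile:
            return True                          # unparseable archive: fail closed
    return False

def macro_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames of attachments that should be quarantined."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return [part.get_filename() or "(unnamed)"
            for part in msg.iter_attachments()
            if needs_quarantine(part.get_payload(decode=True) or b"")]

def _zip(members: dict[str, bytes]) -> bytes:
    """Build a constructed OOXML-like zip for the sample message."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in members.items():
            z.writestr(name, body)
    return buf.getvalue()

def sample_message() -> bytes:
    """Constructed sample: one macro-enabled and one macro-free attachment."""
    m = EmailMessage()
    m["Subject"] = "PCI DSS compliance documents"  # lure theme described above
    m["From"], m["To"] = "sender@example.com", "cashier@example.com"
    m.set_content("Please review the attached documents.")
    docs = {"pci_dss.docm": {"word/document.xml": b"<w/>", "word/vbaProject.bin": b"\x00"},
            "notes.docx": {"word/document.xml": b"<w/>"}}
    for name, members in docs.items():
        m.add_attachment(_zip(members), maintype="application",
                         subtype="octet-stream", filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    print(macro_attachments(sample_message()))
```

A filter like this only decides whether a macro project is present; whether macro-enabled documents from external senders are blocked outright or passed to a malware scanner is a policy choice for the organization.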

» SPAMfighter News - 7/27/2015
