The FBI has warned American retailers that cyber attacks on point of sale software are likely to continue in 2014. The announcement comes in the wake of very public security breaches of retailers Target and Neiman Marcus that exposed millions of customers’ credit card details.
The attack on Target was carried out using software called BlackPOS – a remote PC application that “scrapes” data from customer databases and stores it online. More than 20 US retailers are believed to have been targeted using the software in the last year, according to a recent announcement from the FBI.
The FBI released a confidential report to major US retailers last week outlining the dangers presented by malicious software to point of sale systems. The report notes that “memory-parsing” malware can infect point of sale systems and collect it for a criminal syndicate to later sell to online fraudsters and marketers.
Some of the credit card information from the Target hack has already made its way onto underground online marketplaces. During the 19 days that the Target security breach ran undetected, an estimated 70 million customer profiles and 40 million credit card details were stolen, the FBI believes.
The software used to “scrape” the data steals the customer’s information as the sale is being made. While credit card payment systems almost always encrypt user data to protect against theft, the BlackPOS software scrapes the data during the very brief period that it’s displayed in the computer’s memory using plain text.
BlackPOS’s developers have taken a number of steps to make the software tougher for anti-virus applications to detect. Hackers and cyber criminals can buy the online malware applications from a variety of underground forums, with a similar malware app called Alina sold openly online for $6,000.
