New 'Backoff' Malware Slips Undetected into Retail Systems
By Shirley Siluk / CRM Daily
'Malicious actors' are using a new variety of malware to access consumer payment data remotely through point-of-sale (PoS) systems, according to a new report released Thursday by the U.S. Department of Homeland Security (DHS).

The "Backoff" malware takes advantage of applications like Microsoft's Remote Desktop and Apple Remote Desktop that let remote users -- telecommuting employees or independent contractors, for example -- connect with a company's in-house computer network. Hackers are employing the malware to connect with PoS systems operated by retailers and other businesses, then using brute force to log into those systems remotely.

"At the time of discovery and analysis, the malware variants had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious," said the DHS report, which was prepared with the help of the National Cybersecurity and Communications Integration Center; the U.S. Secret Service; the Financial Services Information Sharing and Analysis Center; and Trustwave, a Chicago-based cyber-security company.

Malware Criminals Not 'Sitting Still'

The first variants of the Backoff malware were detected in October 2013, and several new versions have been identified since then, according to the DHS report. The malware has been connected to at least three separate cyberattacks, although the agency did not identify the organizations that were affected.

We reached out to Karl Sigler, manager of threat security at Trustwave, to learn more about Backoff and what organizations can do to protect themselves from such malware attacks.

"It's completely new malware," Sigler told us. "Nobody has seen it before."

In addition to being difficult to detect, new variations of Backoff have continued to emerge, the most recent one being identified in May.

"The criminals out there don't sit still," Sigler said.

Constant Vigilance, Best Practices

While Backoff attacks up until now have been all but undetectable, with the public release of the DHS report and details about the malware's "indicators of compromise," anti-virus software companies are "no doubt" now working to develop protection against the new threat, Sigler said.

In the meantime, he added, retailers and other businesses that want to protect themselves from attacks should be sure to follow the best practices that are regularly recommended by cyber security professionals: use strong passwords, take advantage of two-factor authentication and closely monitor network activity to watch for unusual traffic patterns or strange IP addresses.

Consumers should take similar precautions, said Thomas Holt, associate professor with the School of Criminal Justice at Michigan State University. They should use a secure home computer to, for example, regularly check their bank and payment statements to spot problems as soon as possible.

Continual vigilance is the best defense, Sigler said. Retailers and other businesses, whether they're large or small, can't simply assume that vendor-provided PoS systems automatically provide state-of-the-art security.

"Generally, security takes a back seat" in such systems, Sigler said.

Tell Us What You Think


Posted: 2014-08-01 @ 10:58am PT
Interesting article, best practices in Cyber Security are often hard to identify, I would encourage you to read how companies like OPSWAT are advancing multi-scanning applications to the front lines.

© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.