FBI, Trend Micro Issue Warnings to Merchants
Recent point-of-sale malware attacks, and reports about emerging malware strains, highlight why more attention needs to be paid to POS system security.
Last week, restaurant/grocery store chain Eataly reported a malware-related POS breach at its New York location, one of 27 worldwide. The breach, which the company says may have exposed card transactions conducted from Jan. 16 through April 2, is drawing attention because some experts believe it might have involved the compromise of card data in transit.
This week, the FBI issued an alert to certain businesses about a new POS malware strain known as Punkey, which was involved in a breach at a U.S. restaurant chain, according to The Washington Free Beacon. Punkey is a memory-scraping POS malware that can be used to compromise any Windows-based POS network. Experts say it’s tough to crack because it encrypts the compromised data it exfiltrates.
The FBI did not respond to Information Security Media Group’s request for more information about the alert.
Meanwhile, security firm Trend Micro has issued an alert about another new POS malware strain known as MalumPOS, which is targeting POS devices running on the Oracle MICROS platform that are commonly used by restaurants and the hospitality industry in the U.S.
Trend Micro does not mention any specific breaches where MalumPOS was used, but it does point out that this malware strain was detected in the wild. It says the malware was selectively searching for card data linked to Visa, MasterCard, American Express, Discover and Diners Club.
POS System Security Too Weak
Eric Merritt, a security researcher at forensics investigation firm Trustwave, says these recent developments demonstrate how POS malware is evolving, and why more attention has to be paid to POS security.
“The concerning thing to me really is the security state of POS systems that allows these types of attacks to occur,” Merritt says. “This is why penetration testing is so important. I’m less concerned about what terminals the malware is targeting, and more concerned about how the malware is getting in.”
If POS devices and systems were more secure, many of these emerging malware strains would be much less effective, he contends.