Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

FighterPOS malware strikes over 100 terminals in Brazil, captures info for 22K cards

14/04/2015 by Sharon Shahzad

W1siziisijiwmtuvmdqvmtqvmtqvndivmzqvntmwl0hvd190b19vc2vfq3jlzgl0x0nhcmrftwfjagluzxmuanbnil0swyjwiiwidgh1bwiilci2mdb4ndawxhuwmdnlil1d

Analysts believe that recent point-of-sale (POS) malware attacks targeting more than 100 terminals in Brazil were the handiwork of a single person – who managed to steal more than 22,000 unique credit cards numbers in a little over a month.

The malware dispatched, “FighterPOS,” was also standout because, in addition to collecting credit card track 1, track 2 and CVV codes and featuring RAM scraping functionality, it allowed threat actors to launch distributed denial-of-service (DDoS) attacks against targets.

According to Trend Micro, which detailed the operation in a Monday blog post, FighterPOS appeared to be a modified version of older malware called, vnLoader, with features malware auto-update functions, file download and execution, and transfers credit card and keylogged data from infected hosts to criminals. Researchers also believed that FighterPOS was constructed from older malware since samples of the threat were written in Visual Basic 6, programming language “considered outdated and antiquated,” though still functional with fully patched systems, the blog post explained.  

Between late February and early April, 113 terminals running Linx MicroVix or Linx POS systems were infected with FighterPOS. More than 95 percent of the malware attacks were in Brazil, but a very small number were detected in the U.S., UK, Mexico and Italy.

According to Jon Clay, senior manager of global threat communications at Trend Micro, who spoke to SCMagazine.com in a Monday interview, other attackers will certainly want to take advantage of the new POS malware &ndash and my now have the opportunity to do so.

Clay pointed out that the sole perpetrator of the attacks in Brazil was actively selling the FighterPOS control panel and malware code for 18 bitcoins, worth around $5,250 – not an outlandish sum considering the potential payout for fraudsters. Furthermore, its suite of malicious capabilities may make it more appealing to buyers.

This article has been extracted from http://www.scmagazine.com, please click on this link to read the article in full http://www.scmagazine.com/recent-pos-malware-attacks-in-brazil-may-be-work-of-sole-perpetrator/article/408795/

About Montash 
Montash is a multi-award winning, global IT recruitment business. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

 

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdkvmtgvmtavmtivndyvodeyl1dvbwvuigluihrly2ggkdiplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Tech is for girls... and always has been!

2017-09-18 10:00:00 +0100

Today, it's hard to deny that the IT and tech industry is a male-dominated field. Women earn only 28%[1] of computer science degrees, while the quit rate for women in the high tech industry is 41%[2], twice as high as it is for men. These two statistics would suggest that perhaps women aren't just discouraged from entering the tech field, but may find it a challenging environment to work in both in terms of treatment and pay. Facebook chief operating of...

W1siziisijiwmtcvmdkvmdgvmtevmtuvmzqvmtgwl0hpcmluzybnaxn0ywtlcy5qcgcixsxbinailcj0ahvtyiisijm4mhgxmdajil1d

Common Hiring Mistakes for SAP Consultants

2017-09-08 12:00:00 +0100

Choosing the wrong consultant can lead a project down a ruinous path. Deadlines get missed, quality of work decreases and money is wasted. When you're putting together a new SAP project, getting the right talent is paramount. We discussed hiring mistakes with our Senior Business Manager, Adam Blaney and asked him the question of how to minimise risk in hiring SAP Consultants. “Hiring any form of technology based consultant is difficult. The hardest part...