Point-of-sale malware evolves to target travellers
-
Evolutions to the NewPosThings malware family suggest travellers are its new target, according to security researchers.
NewPosThings was uncovered last September by Arbor Networks, which said it uses memory scraping processes to find credit card data on point of sale (PoS) systems, before sending the information back to a central server.
...
Christopher Budd, global threat communications manager at Trend Micro, said “in a post-Target world, anything that takes a credit card is going to be something that attackers are going to look at” as a possible attack vector.
Cybercriminals also take advantage of the fact that many consumers “suffer from idea compartmentalisation,” not considering that card terminals at the last airport they travelled through, may be just as appealing, if not more, to credit card data thieves as those belonging to big box retailers.
“That's why PoS attacks are so viable right now, because from an attacker's point of view, [these avenues] are nearly as attractive as PCs,” Budd said.
-
“That's why PoS attacks are so viable right now, because from an attacker's point of view, [these avenues] are nearly as attractive as PCs,” Budd said.
And PoS manufacturers and programmers are total idiots most of the time and make the worst possible stuff you can imagine with literally no security at all in most cases, and in even more cases has to run as full administrator and every other terrible mistake you can imagine.
