Security researchers have discovered point-of-sale (PoS) malware intended to steal credit card data


Security researchers from Forcepoint, a US security firm, have discovered a new strain of malware called UDPoS that uses a different method to steal credit and debit card data from point-of-sale (PoS) systems.

A PoS device is designed to perform retail transactions. It calculates the amount clients must pay for their purchases and gives them options for making that payment. PoS devices are connected to the Internet to authorize sellers' transactions.

The PoS malware exfiltrates stolen credit card information over Domain Name System (DNS) queries instead of HTTP, which most PoS malware has used in the past. UDPoS disguises itself as an update from LogMeIn, a legitimate remote desktop control service used to manage machines remotely. This method is used to avoid detection while moving stolen credit card data past firewalls and other security controls.
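As a defensive illustration of why DNS exfiltration still leaves a trace, the following added example (not from Forcepoint or the original article) scans a DNS query log for a client that sends several distinct names with long, high-entropy labels under one parent domain. The log lines, the `exfil.example` domain, the IP addresses and the thresholds are all constructed assumptions, not observed UDPoS traffic.

```python
import math
from collections import Counter, defaultdict

# Constructed DNS query log (client IP, queried name); not real UDPoS traffic.
SAMPLE_LOG = [
    ("10.0.5.21", "3fa90c17e4b28d65d2086b5e1fc7a349.exfil.example"),
    ("10.0.5.21", "7c41e9a05d3b86f2b60f2a8d94c5e173.exfil.example"),
    ("10.0.5.21", "e58b20d7f91a46c319c4f7063ad5b8e2.exfil.example"),
    ("10.0.5.21", "www.example.com"),
    ("10.0.5.30", "updates.example.net"),
    ("10.0.5.30", "3fa90c17e4b28d65d2086b5e1fc7a349.exfil.example"),
]

def entropy(label):
    """Shannon entropy of a label in bits per character."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def parent_domain(qname, levels=2):
    """Last `levels` labels of the name (simplification: ignores the public suffix list)."""
    return ".".join(qname.rstrip(".").lower().split(".")[-levels:])

def has_encoded_label(qname, min_len=24, min_entropy=3.5):
    """True if any label left of the parent domain is long and high-entropy."""
    labels = qname.rstrip(".").lower().split(".")[:-2]
    return any(len(l) >= min_len and entropy(l) >= min_entropy for l in labels)

def find_dns_exfil(log, min_unique=3):
    """Map (client, parent domain) -> count of distinct encoded-looking names."""
    seen = defaultdict(set)
    for client, qname in log:
        if has_encoded_label(qname):
            seen[(client, parent_domain(qname))].add(qname.lower())
    # A single odd name is common noise; many distinct ones to one domain is not.
    return {key: len(names) for key, names in seen.items() if len(names) >= min_unique}

if __name__ == "__main__":
    for (client, domain), n in find_dns_exfil(SAMPLE_LOG).items():
        print(f"{client}: {n} encoded-looking queries to {domain}")
```

On a PoS network segment, where terminals normally resolve only a handful of fixed names, the thresholds can be set much tighter than on a general office network.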

LogMeIn said that the malware is designed to fool an unsuspecting user into executing a malicious email, link or file, possibly including the LogMeIn name.

“This link, file or executable isn’t provided by LogMeIn and updates for LogMeIn products, including patches, updates, etc., will always be delivered securely in-product. You’ll never be contacted by us with a request to update your software that also includes either an attachment or a link to a new version or update.”

Source: forcepoint.com

 


Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.

