The Department of Homeland Security released an advisory Friday afternoon reporting an additional 1,000 businesses have been affected by the same attack that breached the payment processing systems of Target, Supervalu and, recently, UPS Stores.
As of now, seven companies have confirmed to government officials they have learned of multiple customers affected by an attack on each of their payment processing systems, although most companies have yet to announce the incident to officials or their customers.
Like the United States Parcel Service and nationwide supermarket chain Supervalu, the realization of the intrusion to their networks came after an advisory issued to retailers late last month.
The advisory, prepared by the National Cybersecurity and Communications Integration Center (NCCIC), the United States Secret Service (USSS) and its partners, warned of the sophisticated point-of-sale malware known as “Backoff.”
The point-of-sale malware was initially found capable of stealthily surpassing detection from most types of anti-virus software and typically consisted of scraping memory for track data, keylogging, command and control (C2) communication and injecting malicious stub into explorer.exe, among other variants.
Tripwire security researcher Tyler Reguly commented, “The fact that more than 1000 businesses have been compromised shouldn’t come as a shock to anyone. We live in a world of check-box compliance, where security is performed against a balance sheet and those in charge have a business background instead of a security background.”
Reguly added, “Until businesses put strong technical minds that truly understand security in positions to make positive changes and accept that there is a cost associated with security, this will continue to be a problem.”
The DHS urges companies to contact their service providers, antivirus vendors and cash register system vendors to search for “Backoff” in their systems and assess whether they’ve been compromised, or remain vulnerable to an attack.
Read More Here…