Skip to content ↓ | Skip to navigation ↓

Cybercriminals are leveraging a powerful new strain of point-of-sale malware to target the payment systems of retailers this holiday season.

According to threat intelligence firm InfoArmor, the new malware – dubbed “Pro PoS” – is designed to infect the principal operating systems, including newer operating systems, used by companies in the retail environment.

Like several other Point-of-Sale malware families, such as the infamous BlackPoS, Pro PoS is capable of stealing debit and credit card data from infected systems, and hiding its command and control servers (C&C) through the TOR protocol.

At only 76KB, it is also known to implement rootkit functionalities and other mechanisms to avoid detection from common antivirus systems. As The Register further explains:

“Developers of the malware also integrated a polymorphic engine, so that each build has different signatures, for added stealth and as a measure designed to foil security defences.” 

InfoArmor adds the “Pro PoS Solution” is currently available for sale in underground forums, costing crooks about $2,600 for a six-month license during last week’s Black Friday sales.

pro_pos_malware
Source: The Register

Cybercriminals are reportedly already leveraging the new malware strain to target retailers and small-to-midsize businesses (SMBs) in both the United States and Canada, specifically.

The Pro PoS malware code developers are believed to originate from Eastern Europe, said the security firm.

A recent report by security firm TrendMicro notes that SMBs were heavily hit by malware attacks in Q3 of 2015, with experts estimating the trend to continue well into next year.

Hacking Point of Sale
  • joeyd82

    What about this past Nov.2015? My sister had $2,100 taken from acct somehow in a long island,NY Target Store, the same day she used debit card at a Target in Manhattan? Why aren’t they bringing this up? I’m sure she not only victim?!