Skip to content ↓ | Skip to navigation ↓

Cybercriminals are leveraging a powerful new strain of point-of-sale malware to target the payment systems of retailers this holiday season.

According to threat intelligence firm InfoArmor, the new malware – dubbed “Pro PoS” – is designed to infect the principal operating systems, including newer operating systems, used by companies in the retail environment.

Like several other Point-of-Sale malware families, such as the infamous BlackPoS, Pro PoS is capable of stealing debit and credit card data from infected systems, and hiding its command and control servers (C&C) through the TOR protocol.

At only 76KB, it is also known to implement rootkit functionalities and other mechanisms to avoid detection from common antivirus systems. As The Register further explains:

“Developers of the malware also integrated a polymorphic engine, so that each build has different signatures, for added stealth and as a measure designed to foil security defences.” 

InfoArmor adds the “Pro PoS Solution” is currently available for sale in underground forums, costing crooks about $2,600 for a six-month license during last week’s Black Friday sales.

pro_pos_malware
Source: The Register

Cybercriminals are reportedly already leveraging the new malware strain to target retailers and small-to-midsize businesses (SMBs) in both the United States and Canada, specifically.

The Pro PoS malware code developers are believed to originate from Eastern Europe, said the security firm.

A recent report by security firm TrendMicro notes that SMBs were heavily hit by malware attacks in Q3 of 2015, with experts estimating the trend to continue well into next year.

['om_loaded']
['om_loaded']
<!-- -->