PoSeidon Malware targeting PoS Systems


A newly uncovered piece of malware has been seen actively targeting PoS (Point of Sale) systems.

Seemingly born out of Russia, PoSeidon uses a network of Command and Control servers so that its payload can be changed at will.

Research has shown that PoSeidon searches PoS systems and their connected networks for cardholder data.

Mainly in the US, where chip and PIN is not widely used, magnetic “stripe” data can be sold for good money on the black market, as it makes card cloning much easier than in EMV areas that have adopted chip and PIN.

After all, when were you last asked to swipe your card?

Once the malware finds card data, it encrypts it and uploads it to a remote server.

Researchers at network giant Cisco discovered the malware. In an interview, they said:

“PoSeidon is another malware targeting PoS systems that demonstrates the sophisticated techniques and approaches of malware authors. Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection.”

The current advice is to use firewalls, keep the cardholder environment as secure as possible, and perform regular security scans.

