Newly uncovered malware uses DNS requests to siphon credit card data
Researchers have discovered new malware that relies on a unique way to steal credit card information from point-of-sale systems. In a blog post published on Thursday, Forepoint says its found malware that uses Domain Name System (DNS) requests in order to extract credit card information. That sets it apart from most other POS malware, which would normally use HTTP requests to exfiltrate data. Luke Somerville, head of special investigations for Forcepoint Labs, says companies would normally look for unusual activity in their HTTP requests in order to detect data theft. Somerville says the malware, which it is dubbing “UDPoS”, hasn’t affected any of Forcepoint’s customers, but that “there may well be people out there who we’re not protecting who may have been affected by this.” He added that Forcepoint was able to prove that the malware could successfully steal credit card data. “They’re kind of just sneaking the data out […]
The post Newly uncovered malware uses DNS requests to siphon credit card data appeared first on Cyberscoop.
Continue reading Newly uncovered malware uses DNS requests to siphon credit card data