ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical

Overall, across all retail programs, more than 18 percent of all bug bounty submissions are critical in severity, a new Bugcrowd report found.

Teardown: VeriFone MX 925CTLS Payment Terminal

Regular Hackaday readers may recall that a little less than a year ago, I had the opportunity to explore a shuttered Toys “R” Us before the new owners gutted the building. Despite playing host to the customary fixture liquidation sale that takes place during the last death throes of such …

FIN8 tries to breach U.S. hotel with new malware variant, researchers say

A well-known criminal hacking group tried to breach the computer network of a U.S. hotel using a variant of malware the group had last deployed in 2017, according to research from endpoint security firm Morphisec. FIN8, as the financially-driven group is known, made several upgrades to its ShellTea malware, aiming it at the network of the hotel between March and May, according to Morphisec. Researchers believe it was an attempted attack on a point-of-sale (POS) system, or one that processes payment card data. The intrusion attempt was blocked. In a blog post published Monday, Morphisec warned of the vulnerability of POS networks to groups like FIN8. “Many POS networks are running on the POS version of Windows 7, making them more susceptible to vulnerabilities,” wrote Morphisec CTO Michael Gorelik. “The techniques implemented can easily evade standard POS defenses.” The research did not identify the hotel by name or specify its location, […]

The post FIN8 tries to breach U.S. hotel with new malware variant, researchers say appeared first on CyberScoop.


Payment scammers hit 201 campus checkouts with Magecart-inspired tactics

A gang of payment-card scammers has targeted 201 college and university campus stores, trying to steal students’ financial data in a Magecart-style attack, according to new research. The new cybercrime group, labeled Mirrorthief, injected malicious code on payment checkout pages at hundreds of U.S. and Canadian stores, according to TrendMicro research published Friday. By compromising PrismWeb, an e-commerce platform designed for college stores, the attackers could collect payment card details, names, addresses and phone numbers, researchers said. PrismWeb is made by PrismRBS, a subsidiary of the Nebraska Book Company. TrendMicro’s report comes as security researchers continue to grapple with an expansion of payment-card thievery along with an apparent surge in demand for stolen financial information. Success by one group inspires imitators in another. The most prominent, Magecart, is a collection of perhaps 12 hacking campaigns that steal payment information by secretly collecting data from online checkout pages. TrendMicro researchers noted that Mirrorthief is […]

The post Payment scammers hit 201 campus checkouts with Magecart-inspired tactics appeared first on CyberScoop.


Magecart is the most infamous payment skimmer. But it’s hardly the only one.

There’s been a steady stream of news about malware designed to skim customer payment data during e-commerce transactions, but research by security vendor Group-IB suggests that the problem is broader than the public might realize. JavaScript-sniffers — JS-sniffers for short — were lurking on 2,440 hacked websites that receive roughly 1.5 million unique daily visitors, according to research published Wednesday by the Moscow-based company. The malicious software essentially produces the same results as a credit card skimmer: Cybercriminals inject a few lines of code onto target websites, then sweep up account numbers, names, addresses and other information that’s valuable on dark web markets. And it’s not just Magecart, the best known group of JS-sniffers, Group-IB says. Twelve Magecart groups have been in operation, but Group-IB says its researchers discovered a total of 38 JS-sniffer groups — at least eight of which have not previously been investigated in detail. One JS-sniffer campaign, known as TokenLogin, was detected on sites that […]

The post Magecart is the most infamous payment skimmer. But it’s hardly the only one. appeared first on CyberScoop.
