Category Archives: POS systems

Well-developed backdoor can harvest information from restaurants, bars and hotels, researchers say

Posted on by

Restaurants, bars and hotels are taking a big hit from the coronavirus pandemic, but they still can be inviting targets for cybercriminals. A point-of-sale-system widely used in the hospitality industry to process credit card payments and other transactions — ORACLE MICROS Restaurant Enterprise Series (RES) 3700 — is vulnerable to a backdoor that allows attackers to see some of the information in the system’s databases, according to researchers at Slovakia-based cybersecurity company ESET. The researchers stress that highly sensitive pieces of information — such as credit card numbers and expiration dates – do not appear to be vulnerable to the malware, which they’re calling ModPipe. The malicious software, for now, harvests only “data stored in the clear,” ESET says, including cardholder names. But ModPipe potentially could be the conduit for more harmful malware, given that it is modular — meaning that it’s designed for attackers to swap features in and out. […]

The post Well-developed backdoor can harvest information from restaurants, bars and hotels, researchers say appeared first on CyberScoop.

Continue reading Well-developed backdoor can harvest information from restaurants, bars and hotels, researchers say

Fin7 sysadmin pleads guilty to running IT for billion-dollar crime syndicate

Posted on by

Fedir Oleksiyovich Hladyr is the first member of the infamous cybercrime network to be found guilty of hacking-related crimes in a US court. Continue reading Fin7 sysadmin pleads guilty to running IT for billion-dollar crime syndicate

Another fast-food hack, this time at Checkers and Rally’s restaurants

Posted on by

Checkers Drive-In Restaurants says hackers compromised payment machines at more than 100 of the fast-food company’s locations, providing the latest example of how buying a drive-through cheeseburger can come with the risk of a data breach. Point-of-sale malware was lurking at 102 of Checkers and Rally’s locations in 20 states, the Florida-based company said in a bulletin Wednesday. Thieves collected data stored on magnetic card strips, including cardholders names, payment card numbers, card verification codes and expiration dates — everything they would need to steal to conduct their own transactions or re-sell that data on cybercriminal forums. The exposure period for many of the affected stores ended in April, though some locations were vulnerable dating back to 2016 or 2015, in the case of one California restaurant. The company did not specify the number of customers affected. Checkers didn’t offer many details about the hack, but the almost non-stop breach disclosures from similar […]

The post Another fast-food hack, this time at Checkers and Rally’s restaurants appeared first on CyberScoop.

Continue reading Another fast-food hack, this time at Checkers and Rally’s restaurants

North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

Posted on by

Cybercriminals linked to North Korea appear to be simultaneously targeting point-of-sale (POS) systems as well as cryptocurrency platforms as the annual holiday spike continues in retail stores and the hype surrounding bitcoin surges, according to research by cybersecurity firms Proofpoint and RiskIQ. Reports by the two companies published late Tuesday shine a light on the ways in which hackers are increasingly developing different types of custom attacks to either steal cryptocurrency or infect computers with so-called “cryptojacking” software. The latter involves the covert installation of malicious computer code into compromised web browsers in order to siphon off processing power, which can in turn be used to mine cryptocurrencies. The researchers say the hacks in question are connected to the Lazarus Group, the cybersecurity community’s name for North Korea’s premier cybercrime and cyber-espionage organization. Attacks on the financial system are one of the communist regime’s chief sources of funding as it faces global sanctions […]

The post North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season appeared first on Cyberscoop.

Continue reading North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

Posted on by

Cybercriminals linked to North Korea appear to be simultaneously targeting point-of-sale (POS) systems as well as cryptocurrency platforms as the annual holiday spike continues in retail stores and the hype surrounding bitcoin surges, according to research by cybersecurity firms Proofpoint and RiskIQ. Reports by the two companies published late Tuesday shine a light on the ways in which hackers are increasingly developing different types of custom attacks to either steal cryptocurrency or infect computers with so-called “cryptojacking” software. The latter involves the covert installation of malicious computer code into compromised web browsers in order to siphon off processing power, which can in turn be used to mine cryptocurrencies. The researchers say the hacks in question are connected to the Lazarus Group, the cybersecurity community’s name for North Korea’s premier cybercrime and cyber-espionage organization. Attacks on the financial system are one of the communist regime’s chief sources of funding as it faces global sanctions […]

The post North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season appeared first on Cyberscoop.

Continue reading North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

US hotels hit by payment card slurping malware

Posted on by

10 months after merchants were to assume financial responsibility if they didn’t install chip readers, we’re still seeing POS breaches. Continue reading US hotels hit by payment card slurping malware