The U.S. Department of Homeland Security recently released a 10-page advisory article about the payment-card stealing virus, named “Backoff”. The announcement was made on Thursday and it was said that the virus has been observed at least three times through forensic investigations on breaches of payment systems.
The U.S. government has released reports on several different kinds of malicious software that cybercriminals are using to steal payment cards. This new insight coincides with a security breach occurring in many different corporations this year. A major incident involved a breach at Target Corp, which resulted in the theft of 40 million payment card numbers.
Backoff can be identified as a group of point-of-sale malware, and it was first identified in October of 2013. The Department of Homeland Security say that it has the capability to scrape memory for track data, logging keystrokes, and injecting malicious stub into explorer.exe files. Furthermore, the DHS says that attackers use publicly available tools to find businesses that use remote desktop applications, and then gain access to an administrative account to insert their malware.
The DHS advisory also warned that this malware put both the retailer and the consumer at risk, by exposing data, names, credit card numbers, email addresses, mailing addresses, and phone numbers.
This virus can negatively impact the reputation and sales of a business, which is why it’s important to stay updated on anything related to this virus. Companies that have already been affected include:
For more information on recent security breaches, and how you can stay protected contact our team at CITOC. You can reach us at (713) 490-5000 or send us an email at firstname.lastname@example.org. Our team will make sure to keep you informed on the latest news regarding the Backoff virus.