POS Malware Steals Payment Card and Personal Info from Food Kiosks
Point-of-sale malware can make its way into almost anything these days, from massive corporate systems to individual devices. The latest victim is Avanti Markets, a leading “micro market” vending company hit with malware that has stolen payment and possibly fingerprint data from self-service payment kiosks in various locations.
The cybercriminals likely breached the kiosk provider’s network and used infected Windows computers as a beachhead in the attack. From there, POS malware can bypass some encryption technology and grab unprotected card data out of the volatile memory of a POS device. Regardless, it appears Avanti had not rolled out encryption on all of its devices prior to the attack.
POS malware is also typically written to attack unique and widely used POS systems, and versions have been found that attack specific restaurant and gas station software kits. The attackers in this case used a Poseidon toolkit developed in 2015.
After investigating the attack, officials said it appears the malware gathered cardholders’ first and last names, credit/debit card numbers, and expiration dates. In addition, users of the Market Card option may have had their names and email addresses compromised. And although biometric information was at risk in this attack, it seems stored fingerprint data has not been compromised.
Avanti states that 1,900 devices were affected, but the true extent of the breach is still unknown. Imitation attacks may soon follow, and the publicity gained by the Avanti attack may be used by attackers in phishing scams to lure Avanti users into further revealing their credit card data.
The good news is Avanti has offered credit monitoring to impacted customers. However, to ensure their financial data is secure, customers should also keep a close eye on their bank accounts to look for any fraudulent activity.
The post POS Malware Steals Payment Card and Personal Info from Food Kiosks appeared first on McAfee Blogs.