1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Two payment terminal malware strains have stolen millions of doll

    From TechnologyDaily@1337:1/100 to All on Tue Oct 25 15:45:03 2022
    Two payment terminal malware strains have stolen millions of dollars worth of data

    Date:
    Tue, 25 Oct 2022 14:29:28 +0000

    Description:
    Law enforcement notified after $3.3 million of data was taken.

    FULL STORY ======================================================================

    Cybersecurity researchers have spotted two strains of point-of-sale ( POS ) malware that are active in the wild and stealing peoples credit card information.

    So far, theyve stolen more than $3.3 million worth of payment data, but given that the strains are active, that number is probably even higher by now.

    Cybersecurity researchers Nikolay Shelekhov and Said Khamchiev from Group-IB discovered the strains - called MajikPOS and Treasure Hunter - earlier this year, when they found their command & control (C2) servers. Through the server, they were able to deduce that the malware operators - whose
    identities are unknown at the time - stole payment information from tens of thousands of credit card holders. Tens of thousands of stolen credit cards

    Between February 2021 and September 2022, they were able to obtain the
    details of more than 167,000 credit cards. The researchers claim this information could be worth more than $3.3 million on the black market.

    Pretty much all of the data stolen belongs to US-based credit card holders.
    It took the researchers a month to analyze some 77,000 card dumps from the MajikPOS panel, and some 90,000 from the Treasure Hunter panel, after which they deduced that 97% of the cards from MajikPOS, and 96% from Treasure Hunter, were issued by US banks. The rest were issued by banks all around the world. Read more

    Check out the best firewalls around


    This new POS malware can totally bypass your card security


    POS terminals may have some serious security vulnerabilities

    Law enforcement has been notified, the researchers added.

    To infect POS endpoints, threat actors would first scan networks for open, or improperly secured virtual network computing (VNC) and remote desktop
    protocol (RDP) services. They would access (or brute-force their way into)
    the systems, and install the malware. After that, the malware would scan the devices and exploit them in the moment when they read and store credit card data.

    To protect from such attacks businesses should make sure their POS systems
    are protected with a strong password, are regularly updated with the newest software, and are hidden behind firewalls and other cybersecurity solutions . These are the best identity theft protection solutions out there

    Via: The Register



    ======================================================================
    Link to news story: https://www.techradar.com/news/two-payment-terminal-malware-strains-have-stole n-millions-of-dollars-worth-of-data/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)