The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of a new POS malware that, “at the time of discovery and analysis…had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious.”
Here is a synopsis of the advisory:
• The malware has the potential to impact any point-of-sale (POS) system where the business is utilizing (or has previously utilized) a remote access tool such as Microsoft’s Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway, and LogMEIn.
• The malware, called “Backoff,” has been found in at least 3 separate POS data breach investigations
• There are multiple variants of the malware and merchants are advised to take the necessary, immediate precautions to prevent exposure or limit the damage of a breach that could already be in progress at their busininess
VikingCloud advises merchants to strengthen remote desktop access configurations, network, and POS Security to mitigate the risk of data compromise. Should you need assistance in understanding the details of this advisory and the related recommendations to protect your business, please contact us. We are happy to help.
.svg)
.png)