Content Provided By: Payex

Backoff Point-of-Sale Malware Alert

September 3rd, 2014

On July 31, 2014 the US-CERT issued an alert pertaining to Point of Sale malware dubbed “Backoff”, which enables attackers to extract consumer payment data. Attackers are using publicly available tools to locate businesses that use remote desktop applications. Commonly known names of these types of remote desktop solutions are: Microsoft’s Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway, PC Anywhere and LogMeIn.

To gain access to the system, they use brute-force attacks, in which an attacker attempts to guess a password using dictionaries of commonly known passwords, to obtain the administrator account credentials needed to log into these solutions. Once access to an administrator account is gained, the attacker can use that administrator or privileged access to deploy Backoff malware on point-of-sale systems and extract consumer payment data.

This Security Alert is provided for information purposes only. Consistent with your PCI DSS compliance requirements, Payex is encouraging partners and merchants to control remote access to their networks using two-factor authentication, to implement periodic password change, password complexity and minimum password length requirements, and to keep all computer systems and anti-virus engines patched to the latest available versions.
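The brute-force pattern described in this alert, a burst of failed remote logons followed by a success, can be watched for in Windows Security logon events. The sketch below is an added example, not code from Payex or US-CERT; the one-line-per-event log format, the sample events, and the threshold and window values are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Windows Security log: 4625 = failed logon, 4624 = successful logon.
# Logon type 10 = RemoteInteractive (Remote Desktop); type 3 = network, which
# is how RDP logons with Network Level Authentication are usually recorded.
RDP_LOGON_TYPES = {3, 10}

# Constructed sample (not real logs): time, event ID, logon type, account, source IP
SAMPLE_EVENTS = """\
2014-08-01T02:10:01 4625 10 Administrator 203.0.113.7
2014-08-01T02:10:09 4625 10 Administrator 203.0.113.7
2014-08-01T02:10:17 4625 10 Administrator 203.0.113.7
2014-08-01T02:10:25 4625 10 Administrator 203.0.113.7
2014-08-01T02:10:33 4625 10 Administrator 203.0.113.7
2014-08-01T02:11:30 4624 10 Administrator 203.0.113.7
2014-08-01T08:59:50 4625 10 cashier1 198.51.100.20
2014-08-01T09:00:05 4624 10 cashier1 198.51.100.20
2014-08-01T09:30:00 4625 2 Administrator -
"""

def parse(text):
    """Turn the whitespace-separated sample format into sortable tuples."""
    events = []
    for line in text.splitlines():
        ts, event_id, logon_type, account, source = line.split()
        events.append((datetime.fromisoformat(ts), int(event_id), int(logon_type), account, source))
    return events

def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag sources with >= threshold failed remote logons inside the window,
    and separately flag a successful logon that follows such a burst."""
    failures = defaultdict(deque)  # source IP -> timestamps of recent failures
    flagged, alerts = set(), []
    for ts, event_id, logon_type, account, source in sorted(events):
        if logon_type not in RDP_LOGON_TYPES:
            continue  # console and other local logons are out of scope here
        recent = failures[source]
        while recent and ts - recent[0] > window:
            recent.popleft()  # forget failures older than the window
        if event_id == 4625:
            recent.append(ts)
            if len(recent) >= threshold and source not in flagged:
                flagged.add(source)
                alerts.append(("guessing", source, account, ts))
        elif event_id == 4624 and len(recent) >= threshold:
            alerts.append(("success_after_guessing", source, account, ts))
            recent.clear()
    return alerts
```

A `success_after_guessing` alert on an administrator account is the case that matters most here, since that is the point at which the alert says malware can be deployed to point-of-sale systems.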
