Beware Black Friday Shoppers: New Malware Targeting POS Systems Discovered

Cybersecurity company iSight has discovered a new malware virus that is able to entrench itself so deeply into point-of-sale systems that it will be overlooked by most antivirus software. The firm states that the new form of attack is the most advanced that it has ever seen.

Not only does the malware, named ModPOS, embed itself very deep within the architecture of computers, it also features high levels of encryption, which makes it even harder to identify ModPOS as malware.

ModPOS is able to gather the information that goes through checkout terminals, and is even able to record what is typed into the keypad of a POS system. The malware's modules extract the information from the memory of the POS systems and log the keystrokes. The collected the data is then transmitted to the attackers.

The discovery of the new malware comes at the most appropriate time for the virus to wreak havoc on consumers, as the holiday shopping season is set to formally kick off with the rapidly-approaching Black Friday shopping frenzy.

Retailers in the United States are now on the hunt for the malware in their systems, hoping to avoid a similar massive data breach which affected large companies such as Target in 2013. The Target data breach led to a settlement worth $10 million by the company to its affected customers.

The discovery of ModPOS was made by iSight last month. The company has since shared information on the virus to its clients and several companies. Included in the companies informed by iSight regarding the dangers of ModPOS are retail companies, hospitality firms and payment card processing corporations.

Some retail companies have said that they discovered digital proof that connected threat indicators that they had seen before to ModPOS, though this does not automatically mean that they were already victimized by it, according to Wendy Nather, the director of the Retail Cyber Intelligence Sharing Center (R-CISC).

The R-CISC is an industry group created just this year to overcome the threat of hackers, whose attacks have become increasingly complicated over the years. Among the members of the group are Gap, Lowe's, J. C. Penney and Walgreens.

"I couldn't tell you who is most likely to be compromised by this," said Nather. "But if it were harmless, we wouldn't even be talking about it."

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics