Security Experts Warn Of NitlovePOS Malware: What You Should Know

Security experts have found a new malware called NitlovePOS that targets computers via spam emails.

FireEye, an American network security company, revealed that cybercriminals have been recently targeting employees who browse the Internet or check their email from a point-of-sale (POS) computer. The network security firm said that it is quite risky to businesses but is a common practice.

FireEye explains that hackers sent NitlovePOS malware via rogue email camouflaged as job inquiries. The emails contained fake resumes in a Microsoft Word document along with a malicious macro. Once the macro was installed, it allowed another program to be downloaded from a remote server without the user's authentication. When the malware made its way to the POS system, it scanned the system memory for card data.

"The NitlovePOS malware can capture and ex-filtrate track one and track two payment card data by scanning the running processes of a compromised machine. It then sends this data to a webserver using SSL," stated FireEye.

Track one data contains a cardholder's name and account number. Track two payment card data includes vital data such as a cardholder's encrypted PIN, account details and more.

Experts suggest that it can become quite common for cybercriminals to attack POS machines but it is unusual to see a malware infection in a POS machine through spam emails, such as the method seen in NitlovePOS.

Many notable retailers such as Neiman Marcus, Staples, Home Depot, PF Chang's, Michaels Stores, Target and more have become victims of POS security breaches. Such incidences have cost retailers millions of dollars and left customer data exposed to hackers. IT security firms are always on the lookout to improve network security for protecting customer data.

Deploying a next-generation firewall (NGFW) is one of the key technologies that can protect POS machines from unauthorized access.

"The key advantage that NGFW provides for network segmentation is application servers and data can be designated in different segments based on their risk factors and security classifications, with access to them tightly controlled," said Monolina Sen, ABI Research's senior analyst in Digital Security.

IT security experts recommend that employees should use POS machines only for what it is intended. Businesses should educate their employees about the potential risks involved with using POS machines for other activities, such as checking email, browsing the Internet, playing games and more.

Photo: Frankie Leon | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics