Sign in / up

back to article World's most complex cash register malware plunders millions in US

The world's most complex sales till malware has been discovered ... after it ripped millions of bank cards from US retailers on the eve of post-Thanksgiving shopping frenzies. The ModPOS malware has pilfered "multiple millions" of debit and credit cards from the unnamed but large retail companies incurring millions of dollars …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. kryptylomese

    Do not use Windows for POS

    11 2 Reply
    1. GrumpyOldBloke
      Reply Icon

      Or NSA for your nations cyber security

      7 2 Reply
  2. Ru'
    Devil

    "The encryption used for network and command and control data exfiltration and communication is protected with 128 bit and 256 bit encryption, with the latter requiring a new private key for each customer."

    Yet another reason encryption should be banned. These POS terminals should communicate in plain text obviously...

    5 1 Reply
  3. Wild Bill

    "We have been examining POS malware forever, for at least the last eight years"

    pedantic...urges...rising

    7 0 Reply
  4. Sir Runcible Spoon
    Boffin

    Sir

    If this has been in the wild for so long, you can bet that they have already engineered a replacement that does not rely on the same obfuscation tricks that this one uses, as they are now obviously compromised.

    These people are clever - they would have planned ahead and will already be deploying the new variant (assuming it isn't already out there).

    1 0 Reply
    1. Roland6 Silver badge
      Reply Icon

      Re: Sir

      Whilst iSight have raised the profileof the POS module, they also note that the framework could have wider applicability ie. we don't know if variants exist on other Windows systems...

      The report makes interesting reading and contains the hard-coded IP addresses for the C&C server...

      0 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    The COLD WAR lives on!

    Eastern European means, the officials have been paid off. Probably they are also paid on an ongoing basis. The COLD WAR lives on, since all of the theft is occurring on the erstwhile West side of the former Iron Curtain.

    0 0 Reply
  6. Kev99 Silver badge

    Another set of idiots who think the web / cloud/ net is safe & secure. Dedicated lines worked fine for decades. Remember, fools, a net and a web are a bunch of holes held together by string and a cloud is a bunch of air held together by water.

    2 0 Reply
  7. Sproggit

    Escape Route?

    We're seeing more of this sort of thing every day, week, month. One thing remains curiously absent from developments, though, which is any form of consequences for the vendor. [Aside, perhaps from the reputational damage - but memories seem short]. If companies were

    1. Taking all reasonable steps to protect their data

    2. Not grabbing data that they should not take and do not need

    3. Keeping all their technology patched and secure

    4. Deploying cyber controls adequate to the risks

    then we would likely be seeing less than this. If these retail outlets were vehicle manufacturers shipping cars and trucks with defective breaks, you would expect to see government getting involved and prosecutions for corporate negligence in the works. So why don't we see lawmakers offering to step in and protect the little people from cyber security negligence?

    0 0 Reply
    1. Ammaross Danan
      Reply Icon

      Re: Escape Route?

      If steel beams are created using cheap material, the manufacturer is at fault for sourcing/using bad materials which lead to whatever disaster it caused. Ergo, if a POS vendor puts their software on Windows XP embedded....

      1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like