Hackers Continue To Attack POS Transactions And Systems

April 9, 2019

Written by wukovits

Have you heard of DMSniff?  If you’re in the restaurant, entertainment, or retail business and you haven’t heard of it, this article is likely to dismay you. It’s the latest threat being deployed against those industries.

Researchers from the cybersecurity company Flashpoint now believe that DNSniff malware has been lurking in the wild since at least 2016.

It has proved to be notoriously hard to detect, which explains why we’re just now hearing about it. Even worse, the hackers behind the software have been specifically targeting small to medium-sized companies that rely heavily on credit card transactions to survive, These companies don’t typically have the resources to deploy state of the art security measures.

One of the key features of this malware strain is that it uses a DGA (Domain Generation Algorithm) to create command and control domains on the fly, which makes it incredibly resistant to blocking mechanisms and takedowns.  For instance, if law enforcement officials raid a site, confiscate servers, and shut down a domain, DNSniff keeps doing its thing.  It will simply spawn a new command and control domain and continue to transmit stolen data.

Although DGA’s are employed by other forms of malware, finding it built into the core functionality of code designed to be injected and run on POS machines is a new twist the researchers hadn’t seen coming.

In addition to that, DNSniff also utilizes a string-encoding routine, which enables it to hide even when actively searched for. This makes it more difficult for security personnel to uncover the inner workings of the code.

The goal for the hackers, of course, is to siphon off as many credit card numbers and as much other payment information as they can. They then bundle the stolen data and resell it on the Dark Web.  The group behind DNSniff has been wildly successful.  If you’re in any of the businesses we mentioned at the start, make sure your staff is aware of this latest threat, and stay on your guard.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon