Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook Follow The Paypers on Google +
The Paypers, paypers, Insight in payments, News, Reports, Events
Digital Identity, Security & Online Fraud

Security alert: new POS malware threats US payment systems

Friday 17 March 2017 | 10:29 AM CET

MajikPOS, a new POS (Point Of Sale) malware family is targeting payment systems in the US and Canada.

The malware was observed on security scanners for the first time around January 28, 2017 and was detected by the Trend Micro team. Still, newly evidence revealed that the virus first infected systems between August and November 2016.

This new threat has a modular design and support for many features often found in RAT (Remote Access Trojans), allowing fraudsters to search for and select which systems they want to infect.

According to security researchers, the malware authors scanned for open VNC and RDP ports and used brute-force attacks to guess weak credentials. Afterwards lists with information about users, especially card data entered on the POS software, were downloaded by the cybercriminals.

Afterwards, stolen data was sent to a server nicknamed Magic Panel where payment card data were sold one ID at a time for prices ranging from USD 9 to USD 39, or in bulk packages of 25, 50, and 100 IDs, priced at USD 250, USD 400, and USD 700, respectively.

Furthermore, Trend Micro says for Bleeping Computer that the MajikPOS dumps contained data from American Express, Diners Club, Discover, Maestro, Mastercard, and Visa cards.

More: Link