New POS malware alert – PoSeidon

by on with No Comments

Malware and key-scraping functionality are two major threats combined in this virus

PoSeidon, what is it?

+++PoSeidon is the name being given to a new strain of malware (malicious software) that is designed to infect point-of-sale terminals. PoSeidon targets point of sale terminals and steals payment card data so that it can be abused by criminals using a technique called ‘memory scraping’.

+++‘Memory scraping’ is an action performed by a piece of software in which it scans a computer’s memory for specific bits of information, such as a string of numbers starting with 6, 5, or 4, and then the 15 characters after it. Pull out your credit card and look at it right now. If it’s VISA, MasterCard, or Discover, it starts with a 4, 5, or 6 respectively. PoSeidon also scrapes for number bits that start with a 3 and have 14 characters after it (AMEX).

PoSeidon, how did it get there?

+++If you have a typical point of sale system, odds are you have a way for tech support to remotely connect to your system and make modifications. Historically, this is the number one way that point-of-sale-targeting malware is injected into a system.

PoSeidon, why is it so dangerous?

+++Well, apart from the fact that it steals your customers’ payment information, it also installs a keylogger on your system. So everything that you type is also recorded. The third aspect of PoSeidon is that unlike it’s fellow viruses, it actually communicates with external servers. This means that it can update itself and make itself harder to detect, find, and that someone gets access to credit card information way before a merchant can even realize it’s on their system.

PoSeidon, what can I do?

+++We hope that you have a system like POS on cloud Point of Sale that uses end-to-end encryption to protect you and your customers’ data. POS on cloud Point of Sale works in a way that renders this type of malware attack moot. If you don’t have a system as secure as ours, you should contact your point of sale provider immediately so they can instruct you on the proper course of action.

Conclusion

+++I hope that this article has in some way helped you, or made you more informed, or kept you safe. If you like what you read, you can always contact our agents, or you can always contact me personally at raymond@posoncloud.com if you have any questions. We would love to hear from you, and as always our agents are standing by.

With regard,
Post by Raymond Tri

Leave a Reply