The United States Computer Emergency Readiness Team (US-CERT) has issued an advisory warning of a new POS malware that, “at the time of discovery and analysis…had low to zero percent anti-virus detection rates, which means that fully updated anti-virus engines on fully patched computers could not identify the malware as malicious.”
Here is a synopsis of the advisory:
- The malware has the potential to impact any point-of-sale (POS) system where the business is utilizing (or has previously utilized) a remote access tool such as Microsoft’s Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway and LogMEIn.
- The malware, called “Backoff,” has been found in at least 3 separate POS data breach investigations
- There are multiple variants of the malware and merchants are advised to take the necessary, immediate precautions to prevent exposure or limit the damage of a breach that could already be in progress at their business
ControlScan advises merchants to strengthen remote desktop access configurations, network and POS Security to mitigate the risk of data compromise. ControlScan’s ProTect UTM service offers you multiple layers of network security defense to secure you from breaches and malware attack. Should you need assistance in understanding the details of this advisory and the related recommendations to protect your business, please contact us at 800-825-3301, X2. We are happy to help.