The warning from the National Cybersecurity and Communications Integration Center (NCCIC) came a little late. The “Backoff” malware has hit more than 1000 U.S. businesses. The malware is installed on retail point-of-sale systems by exploiting gaps in their remote access capabilities.
According to unconfirmed reports, Backoff has been able to successfully infiltrate a number of point-of-sale systems. According to the latest advisory from the NCCIC, the Secret Service has investigated a number of intrusions at business and commercial establishments across the US that have been hit by the “Backoff” malware. The site also reveals that 7 point-of-sale system vendors have been affected. Other private businesses have also been affected, and the Secret Service estimates that 1000 businesses across the US have been affected by the malware.
The NCCIC has not published the names of the companies affected by the malware, but some of these companies have voluntarily admitted that their computer systems have been compromised. According to a report by The New York Times, these include UPS, Supervalu and the famous Target.
Antivirus manufacturers have gone into overdrive and are building new Backoff identification techniques into their products after the revelation of its existence. The NCCIC has asked all businesses to make a thorough analysis of their point-of-sale systems. It is very important to identify the gaps that would allow infiltration by the Backoff malware, but it is also important to scan for the malware itself.
What are the risks of the Backoff malware? A point-of-sale system infected by the Backoff malware can perform undesirable actions, which include:
- Scraping the system’s memory for credit card data,
- Installing keylogging functionality,
- Reporting findings back to a command and control server,
- Installing backups that automatically repopulate a system with Backoff in the event that the malware is somehow deleted or stopped.