PoS Malware Hits Vending Machines and Electronic Kiosks

A new sophisticated backdoor dubbed d4re|dev1| is infecting ticket vending machines used by mass transportation systems and electronic kiosks found in public areas, according to cyber-security researchers.

In August, hackers allegedly compromised a machine in Italy through its Virtual Network Computing (VNC) software. They used brute-force attacks to discover weak admin credentials.

“These kiosks and ticket machines don’t usually house large daily lots of money like ATMs, but many have insecure methods of remote administration allowing for infectious payloads and the exfiltration of payment data in an ongoing and undetected scheme,” said IntelCrawler.

This type of device will become the new target for cybercriminals, the company added.

After gaining access, d4re|dev1| allows attackers to remotely upload files to the infected machine and plant malicious code inside the local network. When used to steal data from compromised PoS systems, the malware uses RAM scraping and keylogging functionalities commonly found in other known PoS malware.

But cybercriminals are after a bigger goal, experts say.

“This broad lateral approach shows that serious cybercriminals are not interested in just one particular Point-of-Sale terminal – they are looking for enterprise wide network environments, having tens of connected devices accepting payments and returning larger sets of spoils to their C2 servers,” the company said.

About the author

Alexandra GHEORGHE
