Shortly after a massive batch of stolen credit and debit cards went on sale in the underground market, pointing to a breach at retail giant Home Depot, the company confirmed that its payment systems were compromised. The breach affects customers who have used their cards in any of the 2264 stores in the US or Canada since April this year.
“Attacks like these are spreading like wildfire; this quarter alone saw a slew of data breaches and distributed denial of service (DDoS) attacks happen to big-name companies. In late 2013 we saw Target in the US suffer one of the largest data breaches in history with the use of BlackPOS, resulting in the theft of 40 million credit and debit card numbers as well as 70 million personal records of Target shoppers,” says Gregory Anderson, country manager at Trend Micro South Africa.
“This was just the beginning and now we are seeing a constant stream of retailers publicly disclosing data breach incidents, typically involving credit card data theft using PoS RAM scrapers. Local retailers need to be aware that these threats are on the rise and 2014 has already seen the appearance of a number of new PoS RAM scraper families.”
Trend Micro has highlighted that six PoS RAM scraper variants emerged from 2011 to 2013, and that researchers have discovered the same number in 2014 alone. The new variants either borrow the functionality of their predecessors or are direct evolutions of older PoS RAM scraper families. Four of the six new variants were discovered between June and August this year, including Soraya, BrutPOS, Backoff and BlackPOS ver 2.0.
Anderson continues: “Credit card data breach is an established cybercrime that will not show signs of decreasing in the near future. Cybercriminals are targeting all industries and use a wide range of breach techniques. It’s important that our local industries are protected against possible robust PoS RAM attacks.
“Using Trend Micro Deep Discovery is a step in the right direction. It can detect certain lateral movements, the spread of malware and C&C communication, and has a range of other capabilities designed to create robust protection from the growing array of PoS RAM scraper families.”