Just In Time For Black Friday, New POS Malware

More bad news for physical retailers going into a Black Friday that seems to be successfully collecting yawns from consumers this year. Now, it seems, there is an honest to goodness threat on the horizon for those brave enough to hit the stores this Friday (Nov. 27): a new and particularly sophisticated piece of POS malware just waiting to harvest their card details.

According to iSight Partners, a threat intelligence company, the new threat has been designed to both be incredibly hard to spot and versatile in how it collects consumer data. The firm has spent the last several weeks warning large retailers that the malware is potentially hiding out in their systems but noted that even if they are aware, it will be a challenge to find and fix the problem.

Maria Noboa, senior technical analyst at iSight Partners, stated ominously that the latest is the “most sophisticated point-of-sale malware ever seen to date.”

The malware has not been used so far this year (though other versions of this malware, ModPos, have surfaced in several other high-profile attacks, like the 2013 Target breach), but this newest version has been described as a “Swiss army knife,” given its various tools and functionalities.

Noboa said: “There is new point-of-sale malware every week, which takes our engineers 20 to 30 minutes to reverse the code. With this, it took them about three weeks to determine it was indeed malicious and then several more weeks, two of them working at the same time, to figure out what each module consists of.”

Wendy Nather, research director at the Retail Cyber Intelligence Sharing Center, further noted the timing of this discovery will make rectifying the problem even harder for retailers.

“It will be difficult for retailers to deal with this at the same time as having smooth operations for Black Friday and Cyber Monday,” she said. “They will have to deal with it more surgically; they can’t just do a clean sweep and take anything down.”