Latest PoS Malware Spreads Across North America

A new breed of point-of-sale malware, known as GamaPoS, was discovered last week by security researchers from antivirus vendor Trend Micro and is said to have already affected organizations across the United States and Canada.

The GamaPoS is similar to many other malware threats in that it removes the credit card data from PoS systems, but unlike its predecessors, “GamaPoS uses malware coded using the .NET framework — a first in PoS threats,” Jay Yaneza, a threats analyst at Trend Micro, said in a blog post late last week.

According to Yaneza, GamaPoS reaches its targets by using a “shotgun” or “dynamite fishing” approach, allowing it to launch spam campaigns to distribute an Andromeda botnet. As a result, the malware is able to overpower and infect PoS systems through the sheer volume of malware launched.

While Trend Micro’s rough estimates show the new malware may have only hit 3.8 percent of those affected by the Andromeda botnet, initial scans show it has spread throughout 14 locations, including 13 U.S. states and Vancouver, Canada.

“The GamaPoS infection starts when victims access malicious emails that contain attachments such as macro-based malware or links to compromised websites hosting exploit kit content,” Yaneza explained.

“Businesses that use Visa, Discover and Maestro (among other credit and debit cards) risk losing their customers’ data to GamaPoS.”

Just last month, Trend Micro warned of yet another malware with the aims of taking down PoS systems called MalumPoS, which possessed the ability to steal payment data from systems running a popular type of Oracle software.

MalumPoS’ prime target is Oracle’s MICROS platform, which is currently deployed on over 330,000 sites worldwide. The software is widely used in the U.S., especially within the hospitality, food and beverage and retail industries, putting numerous high-profile companies and their customers at risk.

PoS systems remain a favorite target for cybercrime, with recent studies showing hackings at PoS locations were behind a majority of data breaches in North America, a number that declined to 10 percent in Europe, the Middle East and Africa and only 11 percent in the Asia/Pacific region.

To check out what else is HOT in the world of payments, click here.


Latest Insights: 

Facebook is a giant in the ad game, with 2.3 billion active monthly users and $16.6 billion in quarterly advertising revenue. However, its omnipresence makes it a honeypot for fraudsters. In this month’s Digital Fraud Report, PYMNTS talks with Rob Leathern, Facebook’s director of product management, on how the site deploys automated systems and thorough advertiser vetting to close the lid on fraudster attempts.

Click to comment


To Top