POS Devices Targeted for Malware

Point of Sale Devices Are Being Targeted!

Soraya is the latest malware making the rounds, and it's targeting POS systems as well as home computers. Already, thousands of cards have been compromised, and most of them are US-issued. According to media outlets, Arbor Networks found the malware, Soraya, on May 23, 2014. It combines the memory scraping found in Dexter (existing POS malware) with the form grabbing of Zeus (an existing Trojan that targets Windows).

According to Arbor Networks security analysts Dave Loftus and Matt Bing, combining numerous malware techniques is a rarity. Bing says, "Memory scraping is typically only found in malware directly targeting (POS) systems, and form grabbing is typically to steal data being sent to websites, including payment card information and passwords." It's estimated that the malware can access cards used as far back as March 2014.

Undertaking research

So far, the pair of analysts have tracked payment data via a command and control server, since Soraya left that data publicly accessible during a small window. They say over 65 percent of all cards were US-issued, with a large number from Idaho and the rest well peppered around the country. A further 21 percent or more of the cards were issued in Costa Rica and 11 percent in Canada, both countries with rich American tourism industries. They add that 35 percent were credit cards while 65 percent were debit. The big question, however, is: who's behind Soraya?

Nobody knows, and thus far there's no evidence showing how the malware is being distributed. The researchers also say they see no pattern among victims or businesses and that Soraya isn't playing favorites in that regard, so truly anybody could be the next victim. According to Loftus, "We have a general idea where some of the infections exist. We have sent the compromised payment card data to the major card providers. They will likely determine the common point of purchases associated with the cards and notify the affected businesses."

How Soraya works

It's noted that the malware also makes use of the Luhn algorithm, a beautifully simple checksum that verifies a card's 16 digits are valid and not random. However, Luhn doesn't check that the card can actually be used, simply that the digits are consistent with one another. Loftus says, "A new feature of Soraya appears to be in development that enables Soraya to steal FTP credentials. Once this feature is completed, we believe Soraya will actively be sold to carders in the underground market."

What does this mean for businesses and entrepreneurs who depend on POS for their livelihood? The best way to protect yourself from Soraya is to use POS terminals solely for POS transactions and not for any other type of service. You should also check that any remote access is disabled or highly restricted, since that opens up vulnerabilities for Soraya to attack. The people behind the malware may never be discovered, but that doesn't mean action can't be taken today to defend yourself.

More Stories By Drew Hendricks

Drew Hendricks is a writer, as well as a tech, social media and environmental enthusiast, living in San Francisco. He is a contributing writer at Forbes, Technorati and The Huffington Post.
