U.S. Warns Retailers On The New ‘Backoff’ Malware Striking Sales Systems

The United States Computer Emergency Readiness Team warned retailers Thursday about a family of malware that allows hackers to access computer networks and steal customer data.

The newly discovered malware, dubbed “Backoff,” was used in a number of attacks on retailers, analysts found during three forensic investigations of point-of-sale breaches, and it was almost never detected by standard anti-virus software.

The Department of Homeland Security’s security bulletin said the malware was found to have infiltrated computer networks through commonly used remote desktop tools that let people access business networks from home or other outside locations. These include Apple Remote Desktop, Microsoft’s Remote Desktop, Chrome Remote Desktop and others.

“Once these applications are located, the suspects attempted to brute force the login feature of the remote desktop solution,” the DHS bulletin said. “After gaining access to what was often administrator or privileged access accounts, the suspects were then able to deploy the point-of-sale (PoS) malware and subsequently infiltrate consumer payment data.”

Hackers used it to recover customers’ credit card information through various retailers’ point-of-sale (PoS) systems, the Homeland Security report said without naming the retailers affected. However, the New York Times reported that they include Neiman Marcus, Target, Sally Beauty Supply, P.F. Chang’s and Goodwill Industries International.

Security experts and the government said they have found evidence of hackers using this malware beginning in October 2013 and continuing to the present. The DHS Computer Emergency Readiness Team said retailers should step up defences against the new tool.

The report said most anti-virus programs have been incapable of identifying or blocking the malicious software introduced by the hackers. But with the release of technical information, security companies should be able to amend their programs.

The malware can allow the hackers to scrape data from memory and, in some cases, to use a keylogger to gain access to passwords, control communications and insert malicious code into explorer.exe.

The DHS said the breaches can affect both businesses and consumers by exposing customer details such as names, credit and debit card numbers, contact numbers and e-mail addresses to criminal elements, who can use them to make illegal purchases or put bank accounts at risk of compromise.

In the meantime, the DHS report also suggested certain strategies to help prevent malware attacks. They include using strong passwords, requiring two-factor authentication, closely monitoring network activity (especially when accessing payment processing networks), configuring the remote desktop client to lock user accounts after many unsuccessful log-in attempts, and ensuring operating systems are up to date, with the latest antivirus software available.
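To illustrate the monitoring and lockout advice above, the following Python example (added here; it is not from the DHS bulletin or the original article) flags a burst of failed Remote Desktop logons from one source and any successful logon that follows it. The log line layout, threshold, time window, account names and addresses are constructed assumptions; 4625/4624 and logon type 10 are the Windows Security log values for failed logon, successful logon and RemoteInteractive sessions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (assumed layout, not real data):
# time, event ID (4625 = failed logon, 4624 = successful logon),
# logon type (10 = RemoteInteractive / Remote Desktop), account, source address.
SAMPLE_EVENTS = """\
2024-01-15T02:10:01 4625 10 administrator 203.0.113.7
2024-01-15T02:10:04 4625 10 administrator 203.0.113.7
2024-01-15T02:10:09 4625 10 admin 203.0.113.7
2024-01-15T02:10:15 4625 10 pos-admin 203.0.113.7
2024-01-15T02:10:21 4625 10 administrator 203.0.113.7
2024-01-15T02:10:30 4624 10 administrator 203.0.113.7
2024-01-15T09:00:00 4625 10 jsmith 198.51.100.20
2024-01-15T09:00:20 4624 10 jsmith 198.51.100.20
2024-01-15T09:05:00 4624 2 cashier1 -
"""

def parse(text):
    """Yield (timestamp, event_id, logon_type, account, source) per line."""
    for line in text.splitlines():
        ts, event_id, logon_type, account, source = line.split()
        yield datetime.fromisoformat(ts), int(event_id), int(logon_type), account, source

def detect_rdp_bruteforce(text, threshold=5, window=timedelta(minutes=10)):
    """Alert when a source reaches `threshold` failed RDP logons inside `window`,
    and again if that source then logs on successfully while the burst is recent."""
    failures = defaultdict(deque)  # source -> timestamps of failures still in window
    alerts = []
    for ts, event_id, logon_type, account, source in parse(text):
        if logon_type != 10:       # only Remote Desktop sessions are of interest here
            continue
        recent = failures[source]
        while recent and ts - recent[0] > window:
            recent.popleft()       # drop failures that have aged out of the window
        if event_id == 4625:
            recent.append(ts)
            if len(recent) == threshold:
                alerts.append(("bruteforce", source, account, ts.isoformat()))
        elif event_id == 4624 and len(recent) >= threshold:
            alerts.append(("success_after_bruteforce", source, account, ts.isoformat()))
            recent.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect_rdp_bruteforce(SAMPLE_EVENTS):
        print(alert)
```

A single mistyped password followed by a successful logon, as in the constructed `jsmith` lines, stays below the threshold and raises no alert.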

Carrie Ann