A malicious software (malware) called "Backoff" is concerning retailers across the U.S. as it tries to breach in point-of-sale (POS) system and hack data.

Backoff belongs to the POS family of malware, which has been discovered recently. It targets the POS system and tries to track data, log unauthorized keystrokes, and command and control communications.  

On Thursday, July 31, the United States Computer Emergency Readiness Team (US-CERT) in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharing and Analysis Center (FS-ISAC), and Trustwave Spiderlabs, a contract partner with the USSS has issued a statement, which provides relevant details about the malware.

The agency revealed that the malware has been found in three separate investigations. The US-CERT also suggests that there are three variants of the malware, which can affect a POS system.

If a POS system is hacked by the malware, it can impact both businesses as well as customers. The malware can access names, mailing addresses and contact numbers of consumers. Moreover, it can also track sensitive data such as credit and debit card numbers and bank account details.

Such attacks can negatively impact a brand's name and reputation and at the same time expose customers to financial risks regarding their compromised credit and debit card details. If customers find that their personal details have been leaked due to a POS system of a specific retailer, it can also sway them from visiting those retailers.

"It is critical to safeguard your corporate networks and web servers to prevent any unnecessary exposure to compromise or to mitigate any damage that could be occurring now," per US-CERT.

In Dec. 2013, U.S. retailer Target announced that credit and debit card details of more than 40 million customers, who visited its over 1,700 brick and mortar stores during the holiday season, were compromised as hackers intercepted its POS systems.

Dallas-based luxury retailer, Neiman Marcus, also confirmed that their computer security systems were compromised by hackers.

US-CERT suggests that the variants of Backoff can go undetected by the existing anti-virus solutions available at many retailers. However, anti-virus companies are believed to have started to develop software that can detect Backoff attacks.

The US-CERT has issued certain guidelines, which may help businesses safeguard their security and network systems against any attack attempts from the malware and protect their business as well as customer's personal details. 

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion