New malware program targets POS systems

Status
Not open for further replies.

mikepdx

Last month security researchers from Cisco Systems issued a warning about a new PoS malware threat ... the program has already infected PoS terminals at restaurants, bars and hotels in the U.S.

In addition to stealing payment card data while it’s being processed, it also installs a keylogger to capture what employees type on such systems.

New malware program targets point-of-sale systems | PCWorld
 

CapStar362

Correct me if I'm wrong, but coming from having a POS Certification with 7 and XP CE versions (which are used in POS)...

The only time a POS machine even goes beyond a LAN is for credit card sales; everything else is guarded by LAN-side restrictions, like operator user names and passwords.

I see no viable method of malware getting information from a POS machine and sending it out over WAN when it's restricted by the POS Server, which all POS Clients are operated from, like thin client environments.

I wonder how they executed that. The POS Server controls all. The routing functions from the server specifically restrict LAN to WAN for any user/pass information, even if elevated in privilege, and that is a built-in function.
 

corbintechboy

I was thinking the same.

Now of course, if a dirty employee injected the malware, it's the only way I could see something like this working.
 

CapStar362

Even at that, no owner would give an employee his admin account credentials, or else suffer the Darwin-like fate for doing so.
 