PoSeidon Malware Attacks Credit Card Transactions

paying with card

PoS terminals in high-street stores are being put at risk, Cisco researchers find

Retailers are being warned to take extra care over processing customer payments following the discovery of new malware that targets Point of Sale (PoS) terminals.

Discovered by security researchers at Cisco, PoSeidon is reportedly worse than the Zeus exploit kit that was responsible for attacks on Target which saw millions of user details stolen.

Attackers are infecting PoS terminals, which are used to read the information stored on the magnetic strip on the back of a credit or debit card, to steal this data and create cloned credit cards for criminal purposes.

poseidon malwareLording it

Upon infection, the malware is designed to scan PoS devices’ memory for credit card details before exporting that data to outside servers, many of which appear to originate in Russia.

It does this by installing a binary which installs a keylogger and scans the memory of the PoS device for number sequences that could be credit card numbers.

The keylogger component can be used to steal passwords and could also be responsible for spreading infections, the researchers said.

Once the data is verified, keystrokes and credit card numbers are encoded and sent to an exfiltration server, where they can be sold on to create cloned cards that can be used for criminal purposes.

“PoSeidon is another in the growing number of point-of-sale malware targeting PoS systems that demonstrate the sophisticated techniques and approaches of malware authors,” Cisco’s researchers wrote in a blog post detailing PoSeidon.

“Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection.

And as long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and the development of new malware families, the report said.

“Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”

What do you know about famous hackers? Take our quiz!