Monday, December 22, 2014

Backoff Point of Sell malware

On July 29, 2014, the US-CERT (Computer Emergency Readiness Team) issued an alert regarding a new Point of Sale malware it dubbed Backoff - the first public disclosure of this threat. The name was probably coined after a string found in the code of one of the versions of the variant that was analyzed by the US CERT.

The Backoff threat is currently targeting mostly US businesses, and has managed to compromise more than a thousand different business entities. Its main target as POS malware is to obtain the magnetic data gathered from credit/debit cards swiped in point of sale stations. The data is then sent to a Command & Control (C&C) server operated by the fraudster.

The product of a private financial fraud group, this threat is continuously being developed, and has been operating since October 2013 according to evidence collected in the wild. In this report I provide the full story of the Backoff operation, including: bot analysis, a behind- the-scenes look at the Backoff server-side and how it operates, background information on its operator, and statistics on the geographic distribution and reach of the malware based on my research.

Full research paper

5 comments:

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. There's no need to advertise the property, the whole Sell house fast service is completed as a one stop solution by professional property buying teams. Sell House Fast Scotland

    ReplyDelete
  3. You need to view here lots of interesting articles on the topics close to this thematic.

    ReplyDelete
  4. Yes i am totally agreed with this article and i just want say that this article is very nice and very informative article.I will make sure to be reading your blog more. You made a good point but I can't help but wonder, what about the other side? !!!!!!Thanks we buy houses

    ReplyDelete
  5. In the computer different kind of users apply different kind of code or formula to find out their products’ sell and remaining item in the shop, or box and etc… and those guys who have an experience cause of the studying in computer, but do not have an degree so those guys desire to buy a degree from an accredited college in their faculty in shot time.

    ReplyDelete