Retailers need to be extra careful in the shopping season

Nov 8, 2014 11:40 GMT
Backoff detections are likely to increase during the holiday shopping season

An increase in Backoff POS malware detections was recorded in the third quarter of the year, and the trend seems to continue through October and November, according to a report from a company focusing on mitigating cyber threats.

With the holiday shopping season getting closer, cybercriminal activity increases and a surge in malware is expected. Damballa reports that, on Friday, the number of detections for Backoff POS had increased by 33% compared to information from Q3.

Created to infect point-of-sale systems and extract payment information, Backoff has been around since at least October 2013, when it was observed in several forensic investigations.

At the end of July 2013, an advisory from US-CERT (Computer Emergency Response Team) warned about the malware going largely undetected by antivirus software.

Another warning from the organization came towards the end of August, when US-CERT alerted that more than 1,000 retailers had been impacted by Backoff.

One of the most notorious victims of this threat is Dairy Queen, with almost 400 of its locations affected.

At the moment, multiple Backoff variants are available in the wild, with Fortinet reporting a new sample with features that make detection and analysis more difficult by removing the command strings and encrypting communication with the command and control server.

“Leading into the holiday shopping season, retailers both small and large must be extra vigilant of malware designed specifically to target point-of-sale systems,” Damballa says.