TribLIVE

| USWorld

 
Larger text Larger text Smaller text Smaller text | Order Photo Reprints

Credit-card-stealing virus 'Backoff' virtually undetectable, Homeland Security warns

Email Newsletters

Click here to sign up for one of our email newsletters.

Daily Photo Galleries

'American Coyotes' Series

Traveling by Jeep, boat and foot, Tribune-Review investigative reporter Carl Prine and photojournalist Justin Merriman covered nearly 2,000 miles over two months along the border with Mexico to report on coyotes — the human traffickers who bring illegal immigrants into the United States. Most are Americans working for money and/or drugs. This series reports how their operations have a major impact on life for residents and the environment along the border — and beyond.

By Reuters
Thursday, July 31, 2014, 8:48 p.m.
 

The Department of Homeland Security warned retailers about a type of malicious software attacking point-of-sales systems, dubbed “Backoff,” that it said is undetectable by most types of anti-virus software.

The agency released a 10-page advisory about the payment-card-stealing virus on Thursday, saying it has been observed in at least three forensic investigations into breaches of payment systems.

The government has released reports on several types of malicious software that cybercriminals used to steal payment cards after last year's unprecedented breach on Target Corp, which resulted in the theft of about 40 million payment card numbers.

Backoff is a family of point-of-sale malware identified in October and with capabilities that include scraping memory for track data, logging keystrokes and injecting malicious stub into explorer.exe files, DHS said.

It said attackers use publicly available tools to find businesses that use remote desktop applications, then gain access to an administrative account to insert the malware.

The DHS advisory warned that such malware puts the business and consumer at risk, exposing data including names, credit card numbers, email addresses, mailing address and phone numbers.

“These breaches can impact a business' brand and reputation, while consumers' information can be used to make fraudulent purchases or risk compromise of bank accounts,” it said.

Subscribe today! Click here for our subscription offers.

 

 


Show commenting policy

Most-Read Nation

  1. West Virginia on pace to issue record number of concealed-carry permits
  2. Obama orders steeper emission cuts from power plants
  3. Manhunt under way for suspect in Memphis officer’s killing
  4. 5,000 homes in peril of Northern Calif. wildfire
  5. Wreckage from Challenger, Columbia goes on display
  6. Phoenix man accused of beheading wife, dogs jailed on $2M bail
  7. Finish 44-year Hamtramck housing bias case soon, judge tells lawyers
  8. GOP leaders aloof as Texas Attorney General Paxton indicted for securities fraud
  9. Veterans notified of info breach in South Dakota
  10. Tent blows off mooring, kills 1 near Chicago
  11. 2 women advance to final phase of Army Ranger training