Backoff Malware Spread Might Have Been Contained With Basic Defenses
NEWS ANALYSIS: Malware that captured millions of credit card numbers from Target and infected hundreds of other companies could have been thwarted just by using good security practices.The U.S. Department of Homeland Security has issued an alert to businesses throughout the United States about a malware infection that invades point-of-sale (POS) systems and sends the credit card information of people to cyber-criminals. The malware, which is being called Backoff by security researchers, operates by gaining access to POS systems through an administrator account, according to DHS. Backoff is closely related to the malware that infected Target in 2013, according to Jerome Segura, senior security researcher at Malwarebytes. The Malwarebytes security software was already detecting Backoff before the DHS alert and identifying it as a Trojan, Segura said. He credited DHS with providing the security industry with the signatures of the various iterations of the malware so that antivirus software could identify and blog the malware.
The U.S. Computer Emergency Response Team (US-CERT) provided technical details for identifying malware and specific instructions so that businesses with POS systems could prevent a similar malware attack. While the DHS report is highly technical and is aimed at security experts, the suggestions it makes for avoiding future attacks are really fairly straightforward.