Why Backoff Malware Is Such a Big Threat to Retailers
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Why Backoff Malware Is Such a Big Threat to Retailers

Why Backoff Malware Is Such a Big Threat to Retailers
Written By
Sean Michael Kerner
Sean Michael Kerner
Aug 29, 2014
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


Why Backoff Malware Is Such a Big Threat to Retailers

1 - Why Backoff Malware Is Such a Big Threat to Retailers

by Sean Michael Kerner


Backoff Has Been Active Since October 2013

2 - Backoff Has Been Active Since October 2013

Although the U.S. government didn’t issue a public advisory about Backoff until July, it turns out the malware has been active since October 2013.


At Least 1,000 Businesses Across the U.S. Have Been Infected

3 - At Least 1,000 Businesses Across the U.S. Have Been Infected

Initially, 600 businesses were thought to be at risk from Backoff, but that number has been revised upward to “at least” 1,000, according to US-CERT.


Backoff Targets Windows POS

4 - Backoff Targets Windows POS

Trustwave’s Karl Sigler notes that Backoff works against any Microsoft Windows-based POS system.


Remote Desktop Software Is the Point of Entry

5 - Remote Desktop Software Is the Point of Entry

In most cases, the initial breach into a retailer’s POS system is by way of some form of Remote Desktop Protocol (RDP) access.


Advertisement

Java Is an Indicator of Compromise

6 - Java Is an Indicator of Compromise

Sigler explained that in some cases, when the Backoff malware lands on a system, it is installed to an Oracle Java directory with an executable name of javaw.exe. He added that most POS systems typically don’t need to have Java.


Magnetic Stripe Credit Card Data Is Easily Stolen

7 - Magnetic Stripe Credit Card Data Is Easily Stolen

One of the core capabilities of Backoff is that it grabs customer credit card data taken from magnetic stripe card swipes.


Backoff Has Keylogging Features

8 - Backoff Has Keylogging Features

Going a step beyond just card swipes, Backoff also has keylogging features. Sigler noted that even if a cashier manually enters a credit card number, that data will also be compromised.


Backoff Communicates Credit Card Data Every 60 Seconds

9 - Backoff Communicates Credit Card Data Every 60 Seconds

An infected Backoff system can communicate stolen data back to a command and control host every 60 seconds.


Proper Security Can Limit Backoff Risk

10 - Proper Security Can Limit Backoff Risk

Sigler suggests that retailers have a firewall in place that monitors for communications to rogue servers. The use of strong passwords and two-factor authentication is recommended as well. Reducing the attack surface by properly securing remote desktop access can also reduce the risk.
Sean Michael Kerner
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information