New malware ‘Punkey’ detected in new point-of-sale attack

A new advanced malware program targeting point-of-sale terminals is putting customer credit card details at risk, following a number of similar attacks already this year, reports Payments Source.

The latest strain of malware has been named Punkey, with an investigation by the U.S. Secret Service identifying evidence of compromised payment card information as well as more than 75 infected – and active – IP addresses linked to point-of-sale terminals running Windows systems.

What’s especially worrying about Punkey, notes Computer World, is that the program is able to download and execute other malicious files, including updates for itself. So, if the malware author decides they want to add a new feature or provide a fix for a bug, they can do so.

The malware is said to hide inside the Explorer process found on every Windows device, scanning the point-of-sale terminal for credit card details and sending them back to a control server.

“Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection,” warned Cisco in a blog post earlier this year. “As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families.

“Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”

Just last month point-of-sale terminals were under threat from PoSeidon, another new malware program thought to be more dangerous than the Zeus exploit kit that was used to steal millions of card details from Target customers.

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.