Security experts at IntelCrawler threat intelligence firm are among the team of researchers more active against Point-of-Sale (PoS) malware. IntelCrawler The team conducted several investigations in the past and continuously monitor the evolution of the cyber threat. IntelCrawler also released a global map of Point-of-Sale infections by most popular PoS malicious codes, such as Alina, BlackPOS, Dexter, and JackPOS.
I decided to contact Andrew Komarow, CEO of cyber intelligence firm IntelCrawler, to ask him more about this insidious threat.
1) How many infected Point-of-Sale terminals have your identified this year?
IntelCrawler have identified more than 1260 unique infected Point-of-Sale terminal during the year. In some cases, the identified botnet networks had the same terminals, used by different bad actors worldwide, which means, that the insecurity of current retail sector and small business, having own offline merchants is a pretty significant problem. We continue cooperation with international LEA, CERTs and private sector to share the intelligence about potential data breaches, which were not revealed in public yet, to make the credit card holders safer around the world, using actionable threat intelligence from our side.
2) What geographical regions are the most interesting for the bad actors?
According to our current statistics the most affected regions are:
All of these countries have very developed retail sector, that’s why the automation and computerization, there has serious presence there, also opening the doors for the bad actors to attack it. We have also faced with some targeted infections in particular regions, where the merchant has wide distribution, and the external bad actors exploit absolutely the same bugs in its configuration.
3) What types of offline merchants are the most affected to Point-of-Sale infections?
According to our statistics, the most affected types of merchants are:
(Security Affairs – Point-of-Sale malware, cybercrime)