My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

See Latest Videos

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

See Latest Articles

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

See Latest Podcasts

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.

Malware

Malware Warning Puts Retailers on Lookout for New Cyber Breaches

Next Article
  • --shares
Add to Queue
Malware Warning Puts Retailers on Lookout for New Cyber Breaches
Image credit: Shutterstock
2 min read
This story originally appeared on Reuters

U.S. retailers are hunting for evidence of new breaches leading into the holiday shopping season after a cyber intelligence firm privately warned them about payment-card-stealing malware that it said evades almost all security software.

"This is by far the most sophisticated point-of-sale malware seen to date," said Maria Noboa, lead technical analyst for privately held iSight Partners, which uncovered the malware and was due to release a technical report about it on Tuesday.

The firm had shared information about the malware, dubbed ModPOS, with clients in October, and briefed dozens of companies, including retailers, hospitality companies and payment-card processors, about its dangers.

Retailers began hunting for the malware in the approach to this week's unofficial launch of the holiday shopping season, the busiest time of the year for most merchants, according to the Retail Cyber Intelligence Sharing Center (R-CISC), an industry group set up this year to fight hackers.

Retailers have been fending off increasingly sophisticated payment-card theft schemes for more than a decade. The biggest breaches to date include a notorious 2013 holiday-shopping-season attack on Target Corp and a major breach at Home Depot Inc, each of which compromised tens of millions of payment card numbers.

ISight declined to say how it uncovered the ModPOS threat or name any targeted retailers.

Some retailers have found digital evidence that linked threat indicators they had previously seen to ModPOS, though that does not necessarily mean they were victims of breaches, said Wendy Nather, director of research for R-CISC.

"I couldn't tell you who is most likely to be compromised by this," Nather said. "But if it were harmless, we wouldn't even be talking about it."

Her group, which was set up this year, has approximately 50 members including Gap Inc, J.C. Penney Co, Lowe's Co and Walgreens.

ISight said it first identified the malware late last year, but only came to understand its sophistication in recent months after breaking encryption that hid how the malware works.

ModPOS includes modules for "scraping" payment-card numbers from the memory of point-of-sale systems, logging keystrokes of computer users and transmitting stolen data, according to iSight.

(Reporting by Jim Finkle; Editing by Richard Valdmanis and Leslie Adler)

More from Entrepreneur

Book your session with expert Jon Horowitz
Jon Horowitz is dedicated to helping brands with grow their social footprint by aligning with influencers and creating innovative content.
Book Your Session
Jumpstart Your Business with Entrepreneur Insider
Jumpstart Your Business. Entrepreneur Insider is your all-access pass to the skills, experts, and network you need to get your business off the ground—or take it to the next level.
Join Now
Go to Biz Planning Plus
Create your business plan in half the time with twice the impact using Entrepreneur's BIZ PLANNING PLUS powered by LivePlan. Try risk free for 60 days.
Start My Plan

Related Books

Entrepreneur Voices on Elevator Pitches

Entrepreneur Voices on Elevator Pitches

Buy From
No B.S. Marketing to the Affluent

No B.S. Marketing to the Affluent

Buy From
Ultimate Guide to Amazon Advertising

Ultimate Guide to Amazon Advertising

Buy From
Ultimate Guide to LinkedIn for Business

Ultimate Guide to LinkedIn for Business

Buy From
The Direct Mail Revolution

The Direct Mail Revolution

Buy From
The New Employee Manual

The New Employee Manual

Buy From

Latest on Entrepreneur

Malware

Malware Warning Puts Retailers on Lookout for New Cyber Breaches

Malware

Starwood Hotels Says Point-of-Sale Systems Infected With Malware

Malware

E-Cig Chargers Could Infect Computer With Malware