Browse Definitions :
Definition

POS malware (point-of-sale malware)

Contributor(s): Matthew Haughn

Point-of-sale malware (POS malware) is malicious software expressly written to steal customer payment data -- especially credit card data -- from retail checkout systems. Criminals often purchase POS malware to steal customer data from a retail organization with the intention of selling the data rather than using it directly.

There two ways to target a store's customer credit card data: The attacker can infiltrate databases where the data is stored or intercept the data at the point of sale (POS). While there are physical methods that can be used to steal data at these points, those methods require access to the point-of-sale equipment and generally expensive hardware as well. One such method uses an additional reader attached to the store’s card reader.  The second device reads and stores track two card data for the swipe payment. Track two magnetic stripe data includes the primary card number and security code, as well as other information such as what types of charges are permitted.

POS malware is a much simpler and less risky way of obtaining that data without ever setting foot on the premises. POS malware is a type of memory scraper that hunts for data in the correct format for track 2 credit card data. This data is only available unencrypted in memory very briefly. However, memory scraping malware is designed to gather it instantly when it is detected. The credit card info is then sent to the attacker’s remote computers, to be subsequently sold on underground sites.

Some examples of POS malware include Chewbacca, Backoff, BlackPOS and Kaptoxa.

This was last updated in January 2015

Continue Reading About POS malware (point-of-sale malware)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

SearchSecurity

  • computer worm

    A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining ...

  • Single Sign-On (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., ...

  • Certified Information Systems Auditor (CISA)

    Certified Information Systems Auditor (CISA) is a certification issued by ISACA to people in charge of ensuring that an ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close