Browse Definitions :
Definition

POS malware (point-of-sale malware)

Contributor(s): Matthew Haughn

Point-of-sale malware (POS malware) is malicious software expressly written to steal customer payment data -- especially credit card data -- from retail checkout systems. Criminals often purchase POS malware to steal customer data from a retail organization with the intention of selling the data rather than using it directly.

There two ways to target a store's customer credit card data: The attacker can infiltrate databases where the data is stored or intercept the data at the point of sale (POS). While there are physical methods that can be used to steal data at these points, those methods require access to the point-of-sale equipment and generally expensive hardware as well. One such method uses an additional reader attached to the store’s card reader.  The second device reads and stores track two card data for the swipe payment. Track two magnetic stripe data includes the primary card number and security code, as well as other information such as what types of charges are permitted.

POS malware is a much simpler and less risky way of obtaining that data without ever setting foot on the premises. POS malware is a type of memory scraper that hunts for data in the correct format for track 2 credit card data. This data is only available unencrypted in memory very briefly. However, memory scraping malware is designed to gather it instantly when it is detected. The credit card info is then sent to the attacker’s remote computers, to be subsequently sold on underground sites.

Some examples of POS malware include Chewbacca, Backoff, BlackPOS and Kaptoxa.

This was last updated in January 2015

Continue Reading About POS malware (point-of-sale malware)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

SearchSecurity

SearchHealthIT

  • Health IT (health information technology)

    Health IT (health information technology) is the area of IT involving the design, development, creation, use and maintenance of ...

  • fee-for-service (FFS)

    Fee-for-service (FFS) is a payment model in which doctors, hospitals, and medical practices charge separately for each service ...

  • biomedical informatics

    Biomedical informatics is the branch of health informatics that uses data to help clinicians, researchers and scientists improve ...

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

  • ransomware recovery

    Ransomware recovery is the process of resuming options following a cyberattack that demands payment in exchange for unlocking ...

  • natural disaster recovery

    Natural disaster recovery is the process of recovering data and resuming business operations following a natural disaster.

SearchStorage

  • RAID 5

    RAID 5 is a redundant array of independent disks configuration that uses disk striping with parity.

  • non-volatile storage (NVS)

    Non-volatile storage (NVS) is a broad collection of technologies and devices that do not require a continuous power supply to ...

  • petabyte

    A petabyte is a measure of memory or data storage capacity that is equal to 2 to the 50th power of bytes.

Close