More than 1,000 businesses affected by same malware as Target

http://www.latimes.com/business/technology/la-fi-tn-1000-malware-target-20140822-story.html



The Secret Service estimates more than 1,000 American businesses have been infiltrated with the same malware that affected Target's in-store cash register systems.

More than 1,000 businesses affected by same malware as Target
By Salvador Rodriguez
8.22.2014

The Secret Service estimates more than 1,000 businesses have been affected by the same kind of cyberattack that scraped Target's cash register system for consumer credit card information, the Department of Homeland Security said in an advisory Friday afternoon.

Criminals are carrying out the attack by hacking into businesses' networks and then installing malware -- known as "Backoff" -- on their point-of-sale systems. Any time a business swipes a credit card, the malware records its information and sends it back to the hackers, who then sell the data to other criminals on the Internet, said Ken Westin, a security analyst for Tripwire Inc., a Portland cybersecurity firm.

This kind of attack was first seen last year when hackers infiltrated Target's systems. According to the advisory, seven point-of-sale system vendors have confirmed that they've had multiple clients affected by Backoff. The Department of Homeland Security said that one strand of Backoff has been in use by hackers since last October and was not detected until just this month.

"There's a lot of retailers out there that have been compromised by this and they simply don’t know it yet,” Westin said, explaining that many businesses don't have the tools in place to monitor for these kinds of attacks.