According to PCWorld, a new malware program targeting point-of-sale (POS) systems has emerged. Punkey, discovered by the U.S. Secret Service, is RAM-scraping malware with at least three major components.
It attacks by injecting itself into the Windows explorer.exe process and creates start-up entries to remain active. It has versions for 32-bit and 64-bit Windows-based POS systems. It stays hidden on the system and steals payment card data whenever a credit or debit card is processed. It also installs a keylogger to steal any information employees type in manually.
The keylogging function encrypts everything it logs with the Advanced Encryption Standard (AES) and sends it to the Punkey command-and-control server. Punkey can also download and run other malicious files, and even update itself on the POS system.
Trustwave researchers highlight a key capability of the malware: once it is in, it can run additional tools and extend its reach within the system.
Since the malware emerged, Trustwave has created a tool that can decrypt Punkey traffic. It can be found here.
Punkey comes on the heels of PoSeidon, as well as other malware programs like FighterPOS.
Verizon Enterprise Solutions has noted a large increase in the number of RAM-scraping attacks on POS systems. POS attacks were one of the top three types of data breach in 2014.
Invest in a point-of-sale system that will protect your private company data as well as the personal information of your customers. With new threats emerging daily, some worse than others, a vital component of your POS system should be its security.
Visual Retail Plus has a range of POS system products. Visit our website for more information.