New Malware Attacks 600 Merchants

Retailers, restaurants, and other businesses have a new form of malware to fight, called Backoff. This latest form of cybercrime attacks remote-desktop applications that are used by point-of-sale systems, picking up credit cards and other consumer information along the way.

Details about Backoff were released today in a report by the Department of Homeland Security and the U.S. Secret Service. The malware is so new that anti-virus programs don't yet have the signatures to detect it.

About 600 brick-and-mortar businesses, large and small, were affected by the malware, according to Karl Sigler, threat intelligence manager for Trustwave, a security company that helped uncover the malware. Names of the businesses have not been released yet, since a criminal investigation is ongoing.

Backoff allows cybercriminals to infiltrate the remote-access software often used by vendors of point-of-sale systems when problems arise with those systems. Once Backoff gets access to the remote software (often because of weak passwords), it waits for credit-card info to be entered, encrypts it, and sends the numbers to cyberthieves, said Sigler. Backoff can both log keystrokes, for example when a clerk manually enters a credit card number, or scrape credit and debit card data from the system’s memory.

Keep your computer safe with the best security software. Our Ratings tell you which are tops.

“There have been no signs of fraudulent activity [on credit cards] yet,” said Stigler. “It can be alarming, but in the end, this is just shining a light on the fact that these vendors aren’t using best practices to prevent this kind of attack.”

Ironically, he adds, online shopping is a bit more secure than shopping in physical stores. “Your own computer is more in your control,” Stigler said.

--Donna Tapellini

Copyright © 2005-2014 Consumers Union of U.S., Inc. No reproduction, in whole or in part, without written permission. Consumer Reports has no relationship with any advertisers on this site.