Tag: June

03
Oct
2020
Posted in technology

Two North American hospitality merchants hacked in May and June

point-of-sale.jpg

(Image: file photo)

special feature


Securing Your Mobile Enterprise

Mobile devices continue their march toward becoming powerful productivity machines. But they are also major security risks if they aren’t managed properly. We look at the latest wisdom and best practices for securing the mobile workforce.

Read More

In a security alert published on Thursday, US payments processor Visa revealed that two North American hospitality merchants were hacked and had their system infected with point-of-sale (POS) malware earlier this year.

POS malware is designed to infect Windows systems, seek POS applications, and then search and monitor the computer’s memory for payment card details that are being processed inside the POS payments apps.

“In May and June 2020, respectively, Visa Payment Fraud Disruption (PFD) analyzed malware samples recovered from the independent compromises of two North American merchants,” Visa said.

The US payments processor didn’t name either of the two victims due to non-disclosure agreements involved in investigating the incidents.

Visa published on Thursday a security alert [PDF] with a description of the two security breaches and the malware used in the attacks in order to help other companies in the hospitality sector scan their networks for indicators of compromise.

June hack: Hackers used three different POS malware strains

Of the two incidents, the second one that occurred in June is the most interesting, from an incident response (IR) perspective.

Visa said it found three different strains of POS malware on the victim network — namely RtPOS, MMon (aka Kaptoxa), and PwnPOS.

The reason why the malware gang deployed three malware strains is unknown, but it could be that attackers wanted to make sure they get all the payment data from across different systems.

Visa, which also provides incident response services in financial crime-related breaches, said the intruders breached the hospitality