A threat actor has used two point-of-sale (PoS) malware variants to steal information related to more than 167,000 credit cards from payment terminals.
According to Singapore-headquartered cybersecurity company Group-IB, the operators could net as much as $3.34 million by selling the stolen data dumps on underground forums.
While a significant proportion of attacks aimed at gathering payment data rely on JavaScript sniffers (aka web skimmers) stealthily inserted on e-commerce websites, PoS malware remains a threat, if a less popular one.
Just last month, Kaspersky detailed new tactics adopted by a Brazilian threat actor known as Prilex to steal money by means of fraudulent transactions.
“Almost all PoS malware strains have a similar card dump extraction functionality, but different methods for maintaining persistence on infected devices, data exfiltration and processing,” researchers Nikolay Shelekhov and Said Khamchiev said.