Prilex modification now targeting contactless credit card transactions

Prilex is a singular threat actor that has evolved from ATM-focused malware into unique modular PoS malware—actually, the most advanced PoS threat we have seen so far, as described in a previous article. Forget about those old memory scrapers seen in PoS attacks. Prilex goes beyond these, and it...

167,000 stolen credit card numbers Exposed via PoS Malware

By Waqas The campaign was discovered in April 2022, but researchers believe the campaign occurred between February 2021 and September 8, 2022. This is a post from HackRead.com Read the original post: 167,000 stolen credit card numbers Exposed via PoS Malware...

Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

Two point-of-sale PoS malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the operators as much as $3.34...

A look at the 2020–2022 ATM/PoS malware landscape

During the pandemic, lockdowns forced people to stay at home and do their shopping online, which was mirrored in point-of-sale PoS and ATM malware activity, as certain regions saw malicious transactions drop significantly. Now, as we predicted in last years forecast, many are returning to their...

Prilex: the pricey prickle credit card complex

Prilex is a Brazilian threat actor that has evolved out of ATM-focused malware into modular point-of-sale malware. The group was behind one of the largest attacks on ATMs in the country, infecting and jackpotting more than 1,000 machines, while also cloning in excess of 28,000 credit cards that...

IT threat evolution Q1 2021. Non-mobile statistics

These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly figures According to Kaspersky Security Network, in Q1 2021: Kaspersky solutions blocked 2,023,556,082 attacks launched from online resources across the...

Clop Gang Gallops Off with 2M Credit Cards from E-Land

The Clop ransomware group is at it again. On Thursday, the gang claimed that it stole 2 million credit cards from South Korean retailer E-Land over a one-year period, in a campaign that culminated with a ransomware attack on the company’s headquarters in November. Operators of Clop ransomware...

A week in security (September 28 – October 4)

Last week on Malwarebytes Labs, we dug into what happens when card fraud comes calling, we gave a rundown on some novel ransomware attacks that took advantage of smart coffee makers, and we introduced VideoBytes, our new, monthly series in which well provide video coverage of some of the...

A look at the ATM/PoS malware landscape from 2017-2019

From remote administration and jackpotting, to malware sold on the Darknet, attacks against ATMs have a long and storied history. And, much like other areas of cybercrime, attackers only refine and grow their skillset for infecting ATM systems from year-to-year. So what does the ATM landscape loo...

Landry's Restaurant Chain Suffers Payment Card Theft Via PoS Malware

Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale POS systems that allowed cybercriminals to steal customers' payment card information. Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outle...

Wawa Data Breach: Malware Stole Customer Payment Card Info

Popular convenience-store chain Wawa Inc. has disclosed a data breach potentially affecting all of its 850 locations. The breach stemmed from malware on its in-store payment processing systems that collected customers’ payment card data – for almost 10 months. The popular chain of Wawa convenienc...

POS Malware Found at 102 Checkers Restaurant Locations

The popular Checkers and Rally’s drive-through restaurant chain was attacked by Point of Sale POS malware impacting 15 percent of its stores across the U.S. Checkers is one of the largest drive-through restaurants in the U.S., operating in 28 states and headquartered in Tampa, Florida. The securi...

Data Breaches of the Week: Tales of PoS Malware, Latrine Status

The data-breach onslaught continued this week with casualties sprinkled across the globe. Victims included retailers, banks and one state-owned gas station. The theme this was the Indian subcontinent, with consumers in Pakistan and India feeling the main brunt of the proceedings. A point-of-sale...

New POS Malware PinkKite Takes Flight

A new family of point-of-sale malware, dubbed PinkKite, has been identified by researchers who say the malware is tiny in size, but can delivered a hefty blow to POS endpoints. Researchers at Kroll Cyber Security first identified PinkKite in 2017 during a nine-month investigation into a large POS...

POS Malware Found at 160 Applebee’s Restaurant Locations

Malware was discovered on point of sales systems at more than 160 Applebee’s restaurants, exposing credit card information from unknowing diners. RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its...

A week in security (February 5 – February 11)

Last week on Malwarebytes Labs, we featured a new Flash Player zero-day that has been found in recent targeted attacks. And we talked about a new trick to cripple browsers that came out of the hat of tech support scammers. We also covered several methods of stealing cryptocurrencies, including on...

February 9, 2018 – Morning Cyber Coffee Headlines – “Opening Ceremony” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! February 9, 2018 - Headlines Carbon Black in the News: 10 Questions Today’s CEO...

A week in security (September 11 – September 17)

Last week, we dug into phishing campaigns done via Linkedin accounts, remediation versus prevention, issues with smart syringe pumps, and advised you to go patch against a Word 0day. We had some tips regarding identity theft protection, explored crowdsourced fraud, and explained YARA rules...

4,000 ElasticSearch servers found hosting PoS malware

By Waqas Kromtech’s security researchers have identified two point-of-sale POS malware strains This is a post from HackRead.com Read the original post: 4,000 ElasticSearch servers found hosting PoS malware...

Thousands of Elasticsearch Servers Hijacked to Host PoS Malware

Thousands of insecure Elasticsearch servers are hosting point-of-sale malware, according to an analysis by Kromtech Security Center. In total, researchers found 15,000 insecure Elasticsearch servers with 27 percent 4,000 hosting the PoS malware strains Alina and JackPoS. “The absence of...