FBI issues security warning to US retailers

Summary:The federal agencies warn that retailers' point of sales systems are being targeted by criminals.

The US Federal Bureau of Investigation (FBI) is warning US retailers to be on the lookout for malware that infects point-of-sale (POS) systems.

According to Reuters, the FBI sent retailers a confidential report stating that it believes POS malware is on the rise.

POS systems represent a high-value target for criminals because although they typically encrypt information sent to a payment provider, it must be in plain text at some stage. Even if POS systems do not store this information, it must pass through volatile memory. Dumping the contents of the device's memory at the right time will yield an attacker the information they need before it is encrypted.

RAM scraping, as it is known, has been demonstrated on web servers, but with some POS systems running on computers and requiring an internet connection, the same concepts can be easily carried across.

At least six US merchants are believed to be targeted by the same malware, and it has been seen in POS systems in Australia and Canada.

The FBI's warning comes as Target admitted its systems were breached . Neiman Marcus also came forward shortly after revealing that malware to collect payment details had been installed on its systems.

Topics: Security, Government : US


A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.