FBI issues security warning to US retailers

FBI issues security warning to US retailers

Summary: The federal agencies warn that retailers' point of sales systems are being targeted by criminals.

SHARE:

The US Federal Bureau of Investigation (FBI) is warning US retailers to be on the lookout for malware that infects point-of-sale (POS) systems.

According to Reuters, the FBI sent retailers a confidential report stating that it believes POS malware is on the rise.

POS systems represent a high-value target for criminals because although they typically encrypt information sent to a payment provider, it must be in plain text at some stage. Even if POS systems do not store this information, it must pass through volatile memory. Dumping the contents of the device's memory at the right time will yield an attacker the information they need before it is encrypted.

RAM scraping, as it is known, has been demonstrated on web servers, but with some POS systems running on computers and requiring an internet connection, the same concepts can be easily carried across.

At least six US merchants are believed to be targeted by the same malware, and it has been seen in POS systems in Australia and Canada.

The FBI's warning comes as Target admitted its systems were breached. Neiman Marcus also came forward shortly after revealing that malware to collect payment details had been installed on its systems.

Topics: Malware, Government US, Security

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • No Duh

    A bunch of geniuses @FBI.
    Never would've known if they hadn't tipped us.
    They really know how to stay ahead of things at Quantico.
    f0real
  • When you build on Wndows this is what happens

    A vast majority of POS systems run some flavor of the most hacked OS - Windows.

    So it makes sense that they would get hit hardest.

    Time for a paradigm shift away from the garbage that is Windows.
    itguy10
  • No kidding....

    "The federal agencies warn that retailers' point of sales systems are being targeted by criminals."

    LOL - did they get a tip from NSA on that? What a bunch of useless morons - go back to targeting the mod and anti-trust violators, will ya?
    vgrig
  • Pretty much figured this out already...

    by now. Thanks but you are too late. >:(
    JCitizen