FBI issues security warning to US retailers

The federal agencies warn that retailers' point of sales systems are being targeted by criminals.

The US Federal Bureau of Investigation (FBI) is warning US retailers to be on the lookout for malware that infects point-of-sale (POS) systems.

According to Reuters, the FBI sent retailers a confidential report stating that it believes POS malware is on the rise.

POS systems represent a high-value target for criminals because although they typically encrypt information sent to a payment provider, it must be in plain text at some stage. Even if POS systems do not store this information, it must pass through volatile memory. Dumping the contents of the device's memory at the right time will yield an attacker the information they need before it is encrypted.

RAM scraping, as it is known, has been demonstrated on web servers, but with some POS systems running on computers and requiring an internet connection, the same concepts can be easily carried across.

At least six US merchants are believed to be targeted by the same malware, and it has been seen in POS systems in Australia and Canada.

The FBI's warning comes as Target admitted its systems were breached . Neiman Marcus also came forward shortly after revealing that malware to collect payment details had been installed on its systems.