Skip to main content

Hackers Now Targeting Point Of Sale Systems

By September 5, 2018June 3rd, 2022Cybersecurity

There’s a new threat to point of sale (POS) systems coming out of Russia, according to security researchers from Booz Allen Hamilton. The malware, which they’re calling “RtPOS” isn’t bleeding edge technology, and does not approach the level of sophistication of other recently discovered strains, but that doesn’t mean it should be taken lightly. These strains include RawPOS, MajikPOS, UDPOS, and Treasure hunter.

In its current incarnation, it has a limited feature set and is basically a RAM scrapper. Once deployed, it will watch a PC’s RAM looking for text patterns, which are saved to a local DAT file. Of interest, it doesn’t currently appear to have any sort of networking capability, so when the data is collected and stored, it has no means of actually porting it to a command and control server (yet).

There are two competing theories as to why this software is the way it is. One theory is that it’s simply a rough draft. A work in progress. Although relatively benign in its current incarnation, it would be quite easy for the authors to add enhancements to the code, and possibly to update the software remotely, turning this “nonthreatening” software into a true menace in the blink of an eye.

Another theory is that RtPOS is one part of a multi-part, much more subtle attack. The purpose of the software is simply to infect and collect data, leaving it to a separate process to exfiltrate the data at irregular intervals, which would be more difficult to detect, and unlikely to draw attention.

At present, there’s no clear indication which theory is correct, but both ideas are disturbing. As ever, vigilance is the key. Hardly a day goes by that researchers somewhere in the world don’t discover some new threat. This is but the latest.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.