Hackers Continue To Attack POS Transactions And Systems

By Published On: April 29, 2022

Have you heard of DMSniff?  If you’re in the restaurant, entertainment, or retail business and you haven’t heard of it, this article is likely to dismay you. It’s the latest threat being deployed against those industries.

Researchers from the cybersecurity company Flashpoint now believe that DNSniff malware has been lurking in the wild since at least 2016.

It has proved to be notoriously hard to detect, which explains why we’re just now hearing about it. Even worse, the hackers behind the software have been specifically targeting small to medium-sized companies that rely heavily on credit card transactions to survive, These companies don’t typically have the resources to deploy state-of-the-art security measures.

One of the key features of this malware strain is that it uses a DGA (Domain Generation Algorithm) to create command and control domains on the fly, which makes it incredibly resistant to blocking mechanisms and takedowns.  For instance, if law enforcement officials raid a site, confiscate servers, and shut down a domain, DNSniff keeps doing its thing.  It will simply spawn a new command and control domain and continue to transmit stolen data.

Although DGA’s are employed by other forms of malware, finding it built into the core functionality of code designed to be injected and run on POS machines is a new twist the researchers hadn’t seen coming.

In addition to that, DNSniff also utilizes a string-encoding routine, which enables it to hide even when actively searched for. This makes it more difficult for security personnel to uncover the inner workings of the code.

The goal for the hackers, of course, is to siphon off as many credit card numbers and as much other payment information as they can. They then bundle the stolen data and resell it on the Dark Web.  The group behind DNSniff has been wildly successful.  If you’re in any of the businesses we mentioned at the start, make sure your staff is aware of this latest threat, and stay on your guard.

Used with permission from Article Aggregator

Bill Hogan - Partners Plus, Managed IT Services and IT Support

Bill Hogan is the Owner and President of Partners Plus. He has 40 years of experience in the technology industry, specifically IT support services. Bill has spoken at seminars all over the country about network management. Partners Plus was selected by PHL17 as the best Computer and Information Technology Support Company in the greater Philadelphia area in 2018.

Safe and Secure Information Technology will cover topics like ransomware prevention, solid-state drives, and chip shortage impacts.

Safe and Secure Information Technology

Subscribe to our Weekly Cybersecurity Tips

Contact Us Today

Partners Plus in Delaware
2 Penns Way,
Suite 307
New Castle, DE 19720

Phone: 302-529-3700

Partners Plus in Philidelphia
1515 Market St.,
Suite 1200
Philadelphia, PA 19102

Phone: 215-774-8980

Partners Plus in Malvern
101 Lindenwood Drive
Suite 225
Malvern, PA 19355

Phone: 610 361-9200