Homeland Security Warns Again of 'Backoff' Malware Risks

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+

The Department of Homeland Security has issued an alert about the potential risks of data breaches at the point of sale caused by a type of malware known as Backoff, which has already affected more than 1,000 businesses.

This is the second warning issued by DHS.

How 'Backoff' Malware Works and Why Banks Should Care

Over the past year, according to a joint advisory from the National Cybersecurity and Communications Integration Center, United States Secret Service, and third-party partners, Backoff has been remotely accessing administrator accounts of various businesses to extract consumer payment data. The Secret Service found that "numerous businesses throughout the United States" have suffered from network intrusions facilitated by Backoff malware, with at least seven vendors confirming they had multiple clients affected.

Estimations so far suggest that more than 1,000 businesses have already been affected. No specific information was provided about how many banks have suffered such breaches. Reporting on additional compromised locations continues, the document notes.

The DHS alert "strongly recommends" businesses' technology teams, vendors of POSs and anti-virus systems, and managed service providers assess their software to ensure they are not compromised and to minimize system vulnerabilities.

JOIN THE DISCUSSION

SEE MORE IN

'Dodd-Frank Is Like the TSA': Comments of the Week
American Banker readers share their views on the most pressing banking topics of the week. Comments are excerpted from reader response sections of AmericanBanker.com articles and from our social media platforms.

(Image: iStock)

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Already a subscriber? Log in here
Please note you must now log in with your email address and password.