A new strain of point-of-sale malware – called LusyPOS – has appeared on underground black markets, designed to steal credit and debit card information from shoppers. Priced at a measly $2,000, it collects payment card data on point-of-sale machines before the data is encrypted and then transmits it to a remote server where hackers can access it.
Although new on the market, LusyPOS shares code similarities with the Dexter and Chewbacca malware families. At almost 4.0 MB, LusyPOS is larger than most previously detected POS malware samples.
Technically, POS machines should not be allowed to ‘talk’ to websites available through Tor or other black markets, according to the Payment Card Industry Data Security Standard (PCI DSS).
Jeremy Scott, senior research analyst, said in a statement, “Organizations should be on the lookout for attempts to contact suspicious domain names with a .onion TLD and block them immediately”.
Most PCI audits should lock this sort of activity down, but – as history has proved – there always seems to be one that got away.
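One way to watch for the .onion lookups mentioned above, as an added example that is not part of the original article: a small Python check over resolver query logs that flags any query whose top-level label is `onion` and raises the severity when the source sits in the POS segment. The log format, the sample lines, the `10.20.0.0/24` POS range and the function names are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample resolver log lines (assumed format: time client_ip qtype qname).
SAMPLE_LOG = """\
2014-12-02T10:15:01Z 10.20.0.11 A payments.example.com.
2014-12-02T10:15:07Z 10.20.0.11 A constructedsample.onion.
2014-12-02T10:16:40Z 10.30.4.8 A CONSTRUCTEDSAMPLE.ONION
2014-12-02T10:17:02Z 10.20.0.12 A onion.example.com.
2014-12-02T10:17:30Z 10.20.0.12 AAAA updates.example.net.
malformed line
""".splitlines()

# Assumption: the POS terminals live in this network segment.
POS_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]


def is_onion(qname):
    """True only when the right-most label is 'onion' (case-insensitive)."""
    labels = qname.rstrip(".").lower().split(".")
    return len(labels) >= 2 and labels[-1] == "onion"


def find_onion_lookups(lines, pos_networks=POS_NETWORKS):
    """Return one alert dict per .onion query; POS sources are 'high'."""
    alerts = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        when, client, _qtype, qname = parts
        try:
            addr = ipaddress.ip_address(client)
        except ValueError:
            continue  # client field is not an IP address
        if not is_onion(qname):
            continue
        from_pos = any(addr in net for net in pos_networks)
        alerts.append({"time": when, "client": client,
                       "qname": qname.rstrip(".").lower(),
                       "severity": "high" if from_pos else "medium"})
    return alerts


if __name__ == "__main__":
    for alert in find_onion_lookups(SAMPLE_LOG):
        print(alert)
```

The check only reports; blocking the lookups themselves is done at the resolver or firewall that serves the POS segment.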
Make sure you’re up to scratch with the PCI DSS by using the PCI DSS v3.0 Documentation Toolkit. Created by an official PCI QSA, this PCI DSS toolkit is specifically designed to assist payment card-accepting organizations (merchants) to become compliant with the PCI DSS. It contains pre-written compliant documentation templates for all the mandatory PCI DSS v3.0 policies, as well as implementation guidelines.