Beware of PoS malware! It can secretly steal your credit card details

New malware has reportedly been operationalised by hackers and it is stealing victims' credit card data. Dubbed as PoS (two point-of-sale) malware, it has already stolen information related to over 167000 credit cards from multiple payment platforms. As reported by thehackernews.com, Singapore-headquartered cybersecurity company Group-IB has shared that the stolen data dumps could profit the hackers by as much as $3.34 million when sold on underground forums.

The malware is reportedly aimed at gathering payment data relying on JavaScript sniffers (aka web skimmers) to steal card text data like bank card numbers, expiration dates, names of owners, addresses, CVVs from eCommerce websites. Last month, Kaspersky shared about new tactics adopted by a Brazilian threat actor named Prilex stealing money via fraudulent transactions. It said, "Almost all PoS malware strains have a similar card dump extraction functionality, but different methods for maintaining persistence on infected devices, data exfiltration and processing." Most of the malware operations were carried out on the credit cards issued by the banks in the U.S., Puerto Rico, Peru, Panama, the U.K., Canada, France, Poland, Norway, and Costa Rica.

How does PoS malware work?

As explained by Group-IB, Point-of-sale (POS) malware is a type of malicious software designed to attack PoS terminals with an aim to steal payment data stored on magnetic stripes (magstripes) on the back of bank cards. The website noted that the PoS malware has become less popular due to the protection mechanisms embedded in modern credit card processing systems in most countries, but it's still operative. It is still a severe threat for individuals and businesses in the abovementioned regions as well as the places where credit cards with magstripe are used for the payment. As per the report, the USA is a desirable target for threat actors stealing magstripe dumps.