Backoff malware infections are more widespread than thought
The Payment Card Industry Security Standards Council, which oversees the PCI security standard, issued an urgent bulletin this past week urging retailers to review security controls and take additional protective measures, such as end-to-end encryption, to protect against the malware.
Backoff is not an especially sophisticated tool, said Schouwenberg. Even current versions are not any more advanced than versions of the malware when it was first released. But the fact that it still managed to infect so many systems highlights the weak security measures companies have deployed for POS operations, he said.
Even if anti-malware tools did not detect Backoff, companies should have still been able to spot malicious activity from it. For example, the companies should have spotted the massive transfers of stolen data taking place from within their networks, Schouwenberg said.
"Why does a POS terminal in Alabama need to connect to a server based in Russia?" he asked. "There's just a whole number of things to show defenses are not up to par."
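The two signals described above, connections from POS terminals to unexpected destinations and unusually large outbound transfers, can be checked against network flow records. The following is an added example, not code from the article or from anyone quoted in it; the POS subnet, the permitted payment-processor range, the byte threshold and the flow-record format are all assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumed values for illustration only.
POS_NET = ipaddress.ip_network("10.20.0.0/24")             # POS terminal subnet
ALLOWED_DESTS = [ipaddress.ip_network("198.51.100.0/24")]  # stand-in for the payment processor
MAX_OUT_BYTES = 5_000_000                                  # per terminal, per review window

# Constructed flow records: "src dst dst_port bytes_out"
SAMPLE_FLOWS = """\
10.20.0.11 198.51.100.7 443 48210
10.20.0.11 198.51.100.7 443 51877
10.20.0.12 203.0.113.45 80 7340032
10.20.0.12 203.0.113.45 80 6291456
10.20.0.13 198.51.100.7 443 9437184
10.30.5.9 203.0.113.45 443 120000
"""

def parse_flows(text):
    """Yield (src, dst, bytes_out); malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield (ipaddress.ip_address(parts[0]),
                   ipaddress.ip_address(parts[1]), int(parts[3]))
        except ValueError:
            continue

def review_pos_egress(text):
    """Return alerts for POS hosts that reach destinations outside the
    allowlist or send more than MAX_OUT_BYTES in the window."""
    unexpected = defaultdict(int)  # (src, dst) -> bytes sent
    volume = defaultdict(int)      # src -> total bytes sent
    for src, dst, nbytes in parse_flows(text):
        if src not in POS_NET:
            continue  # only POS terminals are in scope here
        volume[src] += nbytes
        if not any(dst in net for net in ALLOWED_DESTS):
            unexpected[(src, dst)] += nbytes
    alerts = [("unexpected-destination", str(s), str(d), b)
              for (s, d), b in sorted(unexpected.items())]
    alerts += [("high-outbound-volume", str(s), None, b)
               for s, b in sorted(volume.items()) if b > MAX_OUT_BYTES]
    return alerts

if __name__ == "__main__":
    for alert in review_pos_egress(SAMPLE_FLOWS):
        print(alert)
```

The volume check fires independently of the destination check, so a terminal sending an unusual amount of data to a permitted address is still flagged.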