Backoff malware infections are more widespread than thought
Though they should have detected and blocked any malicious activity related to the malware, none of the companies appears to have even known they were infected, he said.
The malicious servers Kaspersky intercepted represent less than 5% of the command-and-control channels used to operate Backoff-infected systems worldwide. The fact that even that small sample turned up more than 85 victims suggests that the number of infections in North America is well over 1,000, Schouwenberg noted.
Backoff is a Trojan program designed specifically to steal credit and debit card data from point-of-sale (POS) systems. It was released last October, but remained hidden from anti-virus and other malware tools until it was discovered in August.
The tool was used in the massive data theft at Target and in several smaller ones at other retailers like Neiman Marcus.
The U.S. Department of Homeland Security and U.S. Secret Service have so far issued two bulletins about Backoff warning retailers of the severity of the threat. The two agencies have said the malware has infected at least 1,000 U.S. businesses.