POS malware comprises 1,500 devices and half a million payment cards


May 31, 2014

Over half a million payment cards have been compromised by a piece of malware that has infected around 1,500 point-of-sale (POS) devices globally.

The malware, part of a worldwide botnet called Nemanja, was recently discovered by cyber intelligence firm IntelCrawler – located on over 1,478 hosts in 35 countries including Australia. The list of infected devices currently includes POS terminals, accounting systems and grocery management platforms.

CEO of IntelCrawler Andrew Komarov explained to SC Magazine the key targets of the breach, and the fact that the developers of the botnet weren't looking to sell Nemanja.

"It is one of those cases where a group of hackers developed [their] own malware for targeted attacks, with a very clear commercialisation scheme," said Mr Komarov.

"They intercept credit cards from [infected POS devices] and then resell [the data] on black market through their own shops and partners."

According to Mr Komarov, Nemanja is believed to be the product of a small group of cyber criminals based in Serbia.

Handling customer payment information through credit and debit cards requires an appropriate level of security. Businesses need to ensure adequate PCI compliance is in place and kept up to date.

Affected customers should update their payment cards to ensure ongoing security.

Leave a Reply

Your email address will not be published. Required fields are marked *