First Line of Defense
Operation Black Atlas Put Small and Medium-Sized Businesses At Risk With PoS Malware
In 2013, Target suffered the biggest PoS malware attack where tens of millions of transaction data were stolen. The breach started the same time Black Friday kicked off that year and extended its operation till the tail end of December. Since then, there were several PoS attacks that came after, but thankfully not as damaging. But now, a new campaign involving a bigger PoS threat is already working its way through networks around the world. Our researchers have recently found a powerful, adaptable, and invisible botnet that searches for PoS systems in any network. We are calling this cybercrime campaign as Operation Black Atlas.
” Cybercriminals are utilizing a shotgun approach to PoS malware in which they try to affect as many companies as they can regardless if it’s a major enterprise or a start-up company.”
Operation Black Atlas was operating as early as September2015, doing groundwork for major shopping events such as Thanksgiving, Black Friday, Cyber Monday, and the rest of the holiday season. Besides retail industries and companies, Black Atlas aims to target any industry it can find that rely on credit card payments. This is highly problematic given that most shoppers still rely on credit cards for non-cash payments. And in our paper Follow the Data: Dissecting Data Breach and Debunking Myths, we stated that 47.8% of data breaches come from the retail sector.
The tools used by operators of Operation Black Atlas are what make it dangerous. These cybercriminals basically possess tools of different functions. The tools enable them to penetrate and steal information from different network and security setups. So far, the malware used in Operation Black Atlas includes variants of Alina, NewPOSThings, a Kronos backdoor, and BlackPOS. Alongside the tools, cybercriminals are utilizing a shotgun approach in PoS malware in which they try to affect as many companies as they can regardless if it’s a major enterprise or a start-up company.
With this global threat, we may still experience the crippling power of PoS malware even with new payment processing technologies. Small- and medium-sized business owners are strongly advised to boost their PoS security by using a multi-tiered PoS defense system. For holiday shoppers, make sure you have switched to EMV or chip-and-pin credit cards, or use other payment processing systems when making in-store purchases. To learn more about Operation Black Atlas, read the full article on how Operation Black Atlas threatens the SMB sector, and our updates on Operation Black Atlas.