PCI Council urges retailers to defend against Backoff POS attacks

Share this article:

Soon after the Department of Homeland Security (DHS) issued a warning on increased point-of-sale malware infections attributed to “Backoff,” the PCI Council followed suit, urging retailers to defend their systems against the threat.

On Wednesday, the Payment Card Industry Security Standards Council (PCI SSC) published a bulletin (PDF) encouraging merchants to contact their AV provider to ensure their software detects Backoff.

Last week, the Secret Service revealed that over 1,000 U.S. businesses had been impacted by the malware, and on Monday, security firm Trustwave announced that two new Backoff variants were detected in the wild.

The PCI Council also advised retailers to review all system logs for any “strange or unexplained activity,” particularly large data files being sent to unknown locations, the bulletin said. Merchants were also told to update all default and staff passwords on vulnerable systems and applications.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.

Security, tech firm coalition fights Hikit actors, other advanced groups

Security, tech firm coalition fights Hikit actors, other ...

The coalition began as an effort to stop the spread of the Hikit trojan, previously known for targeting U.S. defense contractors.

Phishing email delivers keylogger malware, also takes screenshots

Phishing email delivers keylogger malware, also takes screenshots

The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls.