As Thanksgiving approaches it serves as a reminder that this time last year, hackers were getting ready to invoke what turned out to be the most infamous security breach of 2013, resulting in the loss of over 40M payment card details from Target stores.
A year on and SC Magazine are covering a report from Damballa suggesting that infections of the Backoff POS malware have increased substantially during the last few months. Any retailer should be very aware that POS attacks are becoming more refined and effective, and if measures aren't already in place to both defend against POS malware and to detect infections when they are successful, now would be a very good time to take action. Harden devices against attacks, locking down POS systems to minimize the attack surface presented and implement Windows file integrity monitoring to track any changes and isolate breach activity.
New variants of Backoff will be continually engineered to side-step AV defenses: Modifying malware to give it a new identity allows it to attack under a Zero Day guise and evade anti-virus measures, so a File Integrity Monitoring (FIM) detection approach is essential.
In fact, knowing what we know about Backoff and BlackPOS does leave you to ask why retailers are still prepared to take the chance that their AV defenses are going to save them?