Explosion of PoS RAM scrapers

November 2014 Information Security

Shortly after a massive batch of stolen credit and debit cards went on sale in the underground market pointing to a breach in large retail giant Home Depot, the company confirmed that their payment systems were compromised. This affected customers who had used their cards in any of the 2264 stores in the United States or Canada since April this year.

“Attacks like these are spreading like wildfire, this quarter alone saw a slew of data breaches and distributed denial of service (DDoS) attacks happen to big-name companies. In late 2013 we saw Target in the US suffer one of the largest data breaches in history with the use of BlackPOS, resulting in the theft of 40 million credit and debit card numbers as well as 70 million personal records of Target shoppers,” says Gregory Anderson, country manager at Trend Micro South Africa.

“This was just the beginning and now we are seeing a constant stream of retailers publicly disclosing data breach incidents, typically involving credit card data theft using PoS RAM scrapers. Local retailers need to be aware that these threats are on the rise and 2014 has already seen the appearance of a number of new PoS RAM scraper families.”

Anderson continues: “Credit card data breach is an established cybercrime that will not show signs of decreasing in the near future. Cybercriminals are targeting all industries and use a wide range of breach techniques. It’s important that our local industries are protected against possible robust PoS RAM attacks.

For more information visit www.trendmicro.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Cybersecurity in South Africa
Information Security
According to the Allianz Risk Barometer 2025, cyber incidents, including ransomware attacks, data breaches and IT outages, are now the top global business risk, marking their fourth year at the top.

Read more...
Are AI agents a game-changer?
Information Security
While AI-powered chatbots have been around for a while, AI agents go beyond simple assistants, functioning as self-learning digital operatives that plan, execute, and adapt in real time. These advancements do not just enhance cybercriminal tactics, they may fundamentally change the battlefield.

Read more...
Disaster recovery vs cyber recovery
Information Security
Disaster recovery centres on restoring IT operations following events like natural disasters, hardware failures or accidents, while cyber recovery is specifically tailored to address intentional cyberthreats such as ransomware and data breaches.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
The rise of AI-powered cybercrime and defence
Information Security News & Events AI & Data Analytics
Check Point Software Technologies launched its inaugural AI Security Report, offering an in-depth exploration of how cybercriminals are weaponising artificial intelligence (AI), alongside strategic insights defenders need to stay ahead.

Read more...
The deepfake crisis is here and now
Information Security Training & Education
Deepfakes are a growing cybersecurity threat that blur the line between reality and fiction. These AI-generated synthetic media have evolved from technological curiosities to sophisticated weapons of digital deception, costing companies upwards of $600 000 each.

Read more...
What does Agentic AI mean for cybersecurity?
Information Security AI & Data Analytics
AI agents will change how we work by scheduling meetings on our behalf and even managing supply chain items. However, without adequate protection, they become soft targets for criminals.

Read more...
Phishing attacks through SVG image files
Kaspersky News & Events Information Security
Kaspersky has detected a new trend: attackers are distributing phishing emails to individual and corporate users with attachments in SVG (Scalable Vector Graphics) files, a format commonly used for storing images.

Read more...