Over 1,000 businesses compromised with Backoff malware
The US Department of Homeland Security has once again issued a warning to businesses about the Backoff malware.
“The DHS encourages organizations, regardless of size, to proactively check for possible Point of Sale (PoS) malware infections,” the advisory states. “One particular family of malware, which was detected in October 2013 and was not recognized by antivirus software solutions until August 2014, has likely infected many victims who are unaware that they have been compromised.”
The initial advisory went out on July 31, 2014, and detailed the effects of the malware.
In this latest one the DHS noted that the Secret Service has already responded to network intrusions at numerous businesses throughout the United States, and that seven PoS system providers/vendors have confirmed that they have been hit. We know of Target, UPS, and Supervalu.
Apparently, the estimate is that over 1,000 US businesses have been affected, and the DHS is advising organizations to contact their IT team, antivirus vendor, managed service provider, and/or point of sale system vendor to check for intrusions or possible vulnerabilities that could lead to one.
If they find that they have become a victim of this malware, they are advised to contact their local Secret Service field office.
The initial advisory contains more technical details about the malware.