Ticket vending machines not immune to POS malware

Ticket vending machines not immune to POS malware

There’s no such thing as being attack-proof, and in the cybercrime world of today, every type of enterprise is a target. Among malicious strains, a type that’s particularly rampant is point-of-sale malware. While people may think that type of intrusion is just confined to cash registers at the department store checkout line, that’s not the case: POS malware is now hitting ticket vending machines and electronic kiosks.

A new threat emerging
IntelCrawler, a group that identifies cybersecurity threats, recently uncovered a new one. It goes by the name “d4re|dev1|” (Daredevil) and it’s an advanced program that is able to steal data from several different POS platforms. The researchers at IntelCrawler who uncovered the malware stated that it’s only the latest strain in a slew of other POS variants that are increasingly being developed and leveraged by cybercriminal forces.

“This new strain of malware, which is hitting Mass Transit Systems, acts as an advanced backdoor with remote administration, having RAM scrapping and keylogging features,” IntelCrawler said in a release.

In its explanation of how the malware works, IntelCrawler showed how a malicious actor could use the malware to overtake a public kiosk used for mass transit. One such compromised device was identified in Sardinia. By gaining remote access to a transit kiosk such as the one in Sardinia, criminals could view financial transactions as they’re happening and therefore use that as a means to exfiltrate payment data.

Defending against threats
One of the key reasons malware like Daredevil is able to thrive is because so many systems like transit kiosks aren’t well-guarded at the administrative level. Instead of being equipped with security measures that keep bad elements at bay, the machines are all too often weakly guarded and therefore susceptible to a malicious encroachment. Experts believe that because of these weaknesses and the ease with which hackers can wage attacks, transit kiosks and ticket vending machines will become a lucrative new target for cybercriminals.

But this story holds an implicit warning for enterprises beyond the transit and ticket vending industries: If your organization is weak, criminals will look to exploit it. After all, one of the primary reasons this POS malware is working is because these machines were weak in the first place. For businesses that don’t make an effort to keep themselves defended, attack becomes an inevitability. That’s why layered security like that offered by Faronics is absolutely vital for all kinds of organizations.

Scott Cornell

When he’s not knee deep in blogging and all things tech, Scott spends his free time playing ultimate Frisbee and watching foreign films. An expert in emerging tech trends, Scott always has his ear to ground for breaking news related to IT security.