Point-of-sale (PoS) systems are one of the most critical components in any retail industry. Innovations on modern PoS software have enabled better business payment processing, inventory and have enhanced customer relationship management (CRM) as well. However, due to PoS systems’ role in processing financial transactions, they have increasingly become a popular target for cybercriminals, as we have observed PoS malware evolve rapidly over the past few years.
This research paper offers a look into a one-man PoS malware campaign run by a prolific cybercriminal, “AlejandroV”. According to collected data, his PoS malware, dubbed “FighterPOS,” has hit 200 organizations across Brazil, Mexico, Italy, and the UK since early 2014 and has managed to scrape 22,000 credit card numbers within a month. AlejandroV does not only run his own campaign, but also sells FighterPOS to other cybercriminals in the underground forums. This “career change” seems surprising since our investigation has revealed that AlejandroV has a long history of carding and payment scams, taking both the role of malware developer and seller.
Taking a closer look at this “single actor infrastructure”, we provide in-depth insights on how an actor can gain more revenue from not only selling malware but also the tools that aid in their distribution.
Learn more about this particular PoS system attack, the actor behind it, along with the tools and methods in the paper FighterPOS: The Anatomy and Operation of a New One-Man PoS Malware Campaign
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.