Malware Hits the Malls

Just in time for the holiday rush, cybersecurity firm iSight Partners is warning shoppers and retailers of piece of malware targeting point-of-sale (POS) systems, according to CIO Today. Called ModPOS, the software has been around since 2012, with it being used to actively target businesses beginning in 2014. Stephen Ward, senior director of marketing for iSight, has noted ModPos represents "the most sophisticated point-of-sale (POS) malware we have seen to date," offering multiple methods to evade security and poach data from retailer's POS systems, and even custom plugins.

Of key interest is the observation that one module of ModPos is pulling credit care data from POS system memory, making any industry using POS systems a target, with even chip-and-PIN systems being potentially vulnerable.

With a recent report noting that Verizon has found retailers across 61 countries are experiencing hundreds of malware attacks a week and with the attacked becoming increasingly sophisticated, retailers will need to show extensive care this holiday season, lest they find themselves a victim.