139 US bars, restaurants and coffeeshops infected by credit-card stealing malware

North Country Business Products (NCBP), a provider of point-of-sales systems, has revealed that 139 of their clients have been hit by a malware infection that stole the payment card details of consumers.

Retailers at dozens of locations across the United States which used NCBP’s hardware and software to process payments may have been affected by the attack which is thought to have started on January 3 2019, and continued until January 24th.

Affected outlets include – amongst others – branches of Dunn Brothers Coffee, Someburros, Holiday Inn, and Zipps Sports Grill. Details potentially stolen by the unnamed malware include cardholder’s name, credit card number, expiration date, and CVV security code.

THere’s nothing really that consumers can do to avoid being hit by malware that has hit Point-of-Sales devices other than pay in cash.

Visitors to NBCP’s website are currently being greeted by a link to a stark announcement about the data breach.

The problem is, you’ve probably never heard of NCBP. It’s extremely unlikely that you know whether a restaurant, coffee shop or bar that you visited relied upon NCBP’s point-of-sales technology or not.

And the problem for NCBP is that although it can reach out to the 139 restaurants that it believes may have had their point-of-sales systems compromised, it has no way of contacting the actual customers who made purchases with the debit and credit cards.

After all, when you buy a coffee it’s normal to make a payment with your card. It’s not likely that you were asked for your address.

It seems to me that there are only two ways you’re likely to find out that you discover you have been impacted by the North Country Business Products security breach.

You’ll either notice (or have your bank notice) some suspicious purchases on your credit or debit card, or you’ll have visited the NCBP’s website and checked the long list of known establishments and locations included in the breach.

And just how likely is it that people will even hear about this breach, let alone go to check if they have purchased something from one of the affected restaurants?

If you do believe that you might have had your payment card details compromised, you may choose to place a security freeze on your credit file, stopping anyone else from accessing your financial details.

Scammers disguise themselves as divisions of the Central Bank of Russia

Cyber Criminals performed a large-scale attack on Russian banks in late 2018, they managed to steal $ 20 million.

The attackers disguised themselves as divisions of the Central Bank FinCERT and Alfacapital. It is known that the attacks were carried out by hacker groups Silence and Cobalt, who had previously organized cybercrime. Also along with them operated a new hacker group, which had not been seen before.

The scheme of crimes was the same: the scammers on behalf of the FinCERT division of the Central Bank sent out malicious documents with macros. In addition, a compromised account of an employee of the company Alfacapital was used.

Representatives of many banks confirm the frequent attacks. The criminals tried to penetrate the infrastructure of the financial organization for the withdrawal of money.

The IT-company Positive Technologies conducted their own statistics and found that over 201 million people suffered from such attacks in 2018.

Moreover, banking infrastructure was attacked in 78% of cases, web resources – 13 %, ATMs and POS-terminals – 9 %, personal data – 39% , credential theft , card information, trade secret – 5%, personal correspondence and other information – 8%.

In addition, on February 18, Kaspersky Lab recorded an increase in attacks by Buhtrap and RTM banking Trojans in Russia. At the end of last year, experts recorded an increase in the activity of the banking Trojan RTM 50 times, compared to 2017.