Retailers and other businesses that regularly handle card payments are under threat from a new type of malware, MagikPOS, which actively targets point-of-sale (PoS) devices. Although the malware has so far focused on devices in Canada and the United States, it may spread across the world in the future.
Word of the malware came recently from security researchers at Trend Micro, who said it was being used to attack businesses across North America. Reports suggest that over 23,000 credit cards have been compromised by this malware, which has only been doing the rounds since January 2017.
The biggest difference between MagikPOS and other malware of the same type is in its deployment. Researchers have found that MagikPOS victims are mapped out in advance, which clearly shows that the perpetrators carefully select each victim before making a move.
Further research showed that the malware is not directly distributed through physical access to the device. MagikPOS is said to make its way onto a system after that system has been successfully infiltrated with a remote access Trojan (RAT).
Reports suggest that all major card issuers, including American Express and Diners Club, are potential targets at the moment. The malware can extract all track data from every single payment card, including the PIN code, allowing the perpetrators to sell the information for high prices on the darknet as “credit card dumps”.
The source of the malware remains unclear: it is written in .NET, which is rare among malware authors, making it unlikely that researchers have dealt with this perpetrator before. That said, only time and further research will tell whether a solution can be found to tackle MagikPOS.