Hope you shop online and know how to avoid the scams aimed at folks online.
This one’s the ultimate nightmare: It goes the 2013 Target breach one better. It goes deep into the affected computer system and is highly encrypted, so most antivirus software on the store’s computers will miss it. It can record what you type into the pad on the terminal at checkout…so it scrapes the buyer ID and numbers/PIN.
“The actors behind the ModPOS software have exhibited a very professional level of software development proficiency, creating a complex, highly functional and modular code base that places a very heavy emphasis on obfuscation and persistence. Thus, ModPOS can go undetected by numerous types of modern security defenses.
ModPOS is highly modular and can be configured to target specific systems with components such as uploader/downloader, keylogger, POS RAM scraper and custom plugins for credential theft and other specialized functions like network reconnaissance. We believe other capabilities could also be leveraged. The modules are packed kernel drivers that use multiple methods of obfuscation and encryption to evade even the most sophisticated security controls.
We know that US retailers have been targeted and believe it is very likely that criminal actors are seeking to compromise additional victims beyond those identified.” – iSight
So…you sigh with relief…“I have an EMV card!” (the chipped card). Well, only 20% of the card market is EMV ready, so 80% isn’t and is vulnerable. Moreover, iSight maintains that information skimmed or taken in an unencrypted portion of the network (not all are secure yet) can be used to make an online purchase.
Sources:
https://finance.yahoo.com/news/sophisticated-scam-targets-retailer-payment-191352635.html
http://www.isightpartners.com/2015/11/modpos/