Backoff, virus targeting credit card data prowls in cyberspace

Cyber sleuths warn about a deadly Trojan virus which hacks and steals personal credit and debit card data in the Indian cyber space.

By Silky Malhotra Published Date
04 - Sep - 2014
| Last Updated
04 - Sep - 2014
Backoff, virus targeting credit card data prowls in cyberspace

CERT-in has warned about credit card information stealing virus dubbed "Backoff" in the Indian cyberspace. The agency warns that the virus is spreading through computer networks which use Windows as their operating systems.

The agency started that the virus can capture keystrokes and communicate with the command and control server for further hacking-like activity. It also possesses capability to inject malicious stub into Windows 'Explorer.exe' that works even if the malicious file crashes or is stopped forcefully. Cyber security sleuths warn that the malware remains "mostly undetected by the anti-virus vendors" which makes it very lethal.

"It has been reported that variants of malware family dubbed as 'Backoff' targeting Point of Sale (POS) systems are spreading. The malware mainly infects windows based systems. The malware propagates by scanning for systems with remote desktop applications enabled."

"Successful compromise allows an attacker to infect the systems further with the POS malware so as to steal customer payment cards data like card holders name, account number, expiration data, CVV code among others from POS systems," the CERT-In said in its latest advisory to Internet users in the country.

"The malware makes a network connection to various command and control servers and uses HTTP POST request to transfer the data of the victim system. The POST request generated from the victim machine consist of various parameters identifying different information about the infected machine," the advisory said about the virus which can acquire at least three aliases to hide its evil designs.

CERT-In has reported a 62,189 cyber attacks till May this year,  which is a cause of great concern. Last Month CERT-In had warned about 'BrutPOS' virus, which hacks Point of Sale (POS) business counters to steal credit/debit card number and passwords. The agency also warned about a multi identity Bladabindi virus that affects Microsoft Windows OS.

Source: ET