CERT-In warns about debit/credit card information stealing BrutPOS virus

CERT-In alerts internet users about BrutPOS, a deadly Trojan/Botnet malware prowling in the domestic cyberspace.

Published Date
29 - Jul - 2014
| Last Updated
09 - May - 2016
CERT-In warns about debit/credit card information stealing BrutPO...

Cyber security experts have alerted debit/credit card owners against 'BrutPOS' virus, which attacks Point of Sale (POS) business counters to steal confidential data like card number and passwords.

CERT-In stated that once the virus infects the system, it communicates with its command and control servers to update its status and receive commands or list of IP address range to be scan for RDP servers having weak or default credentials. Once installed, hackers can ex execute another malware in the hacked system that steals payment cards data including card holders name, CVV number, account number, etc from POS systems. The POS is the cash counter of an establishment where a customer makes online payment trough a debit/credit card. The advisory added that the malware also steals system information like sytem configuration, Operating System details, etc.

CERT-In stated, "It has been reported that malware variants targeting Point of sale (POS) systems, dubbed "BrutPOS", is spreading. BrutPOS mainly targets windows based system by leveraging web as the main infection vector apart from being downloaded by other malware families," the latest advisory by the agency said.

The agency has recommended some counter measures to check the new virus including keeping all POS systems thoroughly updated and locking out accounts after N number of incorrect login attempts. CERT-In also recommends enabling firewall at gateway or desktop level, and not visiting untrusted sources or links.

CERT-In has also alerted users against Bladabindi virus which steals personal information of a user through USB flash drives. According to reports the virus affects “Microsoft Windows operating system”. CERT-In has reported nearly 62,189 cyber attacks and has stated that 9,174 Indian websites were hacked by groups across the world till May this year. The latest numbers are a cause of concern for security sleuths and Internet users in India.