Retailers Given Tips on Fighting “Backoff” Malware

September 3, 2014, Written By Bill Hardekopf
Malware Abstract Background

The “Backoff” malware that led to the massive Target breach last year is said to have infected more than 1,000 businesses in America, and now the Payment Card Industry is trying to protect retailers from an attack. The PCI Council issued a bulletin last week urging retailers to protect their Point of Sale (POS) systems.

The PCI suggests the following steps for merchants and restaurants who accept credit cards:

  1. Contact your antivirus provider to ensure that your software is up to date to combat Backoff malware and other programs like it.
  2. Run your antivirus program immediately.
  3. Review the system logs for signs of strange, unauthorized activity, especially for large data files sent to unknown locations.
  4. Update all default and staff passwords in the system.
The standards of the Payment Card Industry outline the security controls needed to help prevent hackers from penetrating a payment environment and installing malicious software that would jeopardize the protection of card data as it is being processed.The PCI Council also recommends merchants use “PCI-approved point-of-interaction (POI) devices,” which encrypt data and prevent the exposure of clear text data in POS systems.

“Attacks of this kind underscore the critical importance of a multi-layered approach to payment card security that addresses people, process and technology,” said a statement from the Payment Card Industry.



The information contained within this article was accurate as of September 3, 2014. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.