Researchers have uncovered a new cybercrime campaign that is targeting restaurants, cinemas and other retailers in the entertainment and hospitality industries with point-of-sale (POS) malware, with the aim to steal credit card information from customers. Going by the name of DMSniff, the malware is thought to have originated in 2016 but has managed to keep a low profile since. The key targets of DMSniff are small- and medium-sized companies that rely heavily on card transactions, such as the food, hospitality and entertainment industries.
What makes this malware unique is its ability to use a domain generation algorithm (DGA) to create command-and-control domains on the fly, helping it to resist takedowns and bypass simple blocking mechanisms. This is beneficial for the attackers because if domains are taken down by law enforcement or hosting providers, the malware can still communicate with the compromised POS device — and continue to transfer stolen data.
Expert Comments Below:
Javvad Malik, Security Advocate at AT&T Cybersecurity:
“Cybercriminals will often try to maximise their return on investment by going after mid-sized companies. Such companies usually have enough cash flowing through their systems to make the attack financially viable, and many times mid-sized companies do not invest enough incybersecurity controls either due to lack of budget or because it is not a priority.
It is essential for small and mid-sized companies to look at the threats they face seriously and invest in the appropriate security controls to protect, detect, and recover from any attacks. Where capabilities are not available in-house, a third party such as an MSP can be engaged to fill the gap.”
