Malware designed for POS insertion is getting only more dangerous. Plus tablets being infected at time of manufacture. The cyber criminals never sleep.
This new ModPOS malware has taken advantage of a flaw in the internal in-store processing of debit and credit transactions still using magnetic stripes as well as using the new EMV Chip and Pin cards; the processing flaw, now known to the retail industry, is that the internal processing systems utilized by many major retailers does not support end-to-end encryption, and does not also properly encrypt data in memory, allowing that data to be captured and sent to distant cyber crooks. According to iSIGHT, “Criminals can then reuse card data, even from EMV cards, to make online (card-not-present) transactions.”