Retail Breaches: The Malware Source

McAfee Asserts POS Malware Sold in Underground Marketplace
Adam Wosotowsky
Attackers likely purchased malware in underground "cybercrime-as-a-service" markets to use in recent credit card breaches, including the Target Corp. attack, a new report from McAfee Labs asserts. Adam Wosotowsky explains the report's findings.

Malware is readily available in the underground market for use in point-of-sale attacks, says Wosotowsky, McAfee Labs' messaging data architect, who co-authored the company's latest quarterly threats report. Attackers can even outsource the hacking itself to a partner of malware providers, he contends.

"It's a very healthy marketplace, unfortunately. And we're hoping to call attention to it," he says in an interview with Information Security Media Group.

'Cybercrime Ecosystem'

The new report states that credit card breaches in the fourth quarter of 2013 were supported by "the cybercrime ecosystem."

The report continues: "The breaches were unprecedented in numbers of records stolen, but what is even more notable is how well the malware industry served its customers. The attackers purchased off-the-shelf point-of-sale malware, they made straightforward modifications so they could target their attacks, and it's likely that they both tested their targets' defenses and evaded those defenses using purchased software.

"They even had a ready and efficient black market for selling the stolen credit card information, including an anonymous, virtual-currency-based point-of-sale payment system. Raw materials, manufacturing, marketplace, transaction support - all there for thieves to use."

In the interview, Wosotowsky explains:

  • How malware providers service their customers;
  • Why hackers don't need sophisticated skills, since malware providers will tailor specific attack plans for their customers; and
  • How organizations should protect themselves from the latest cybercrime trends.

In addition to covering the cybercrime industry and its role in point-of-sale attacks, the McAfee Labs quarterly report also addresses compromised certificate authority models, zero-day exploits and mobile malware.

At McAfee Labs, a unit of Intel, Wosotowsky has been messaging data architect since January 2012. For the previous four years, he served as the company's senior anti-spam research analyst.
