Hundreds of POS systems infected with Nemanja botnet

Security

by CBR Staff Writer| 26 May 2014

The botnets could be a handiwork of a bad actor from Serbia.

Security researchers from IntelCrawler have detected botnets called Nemanja which said to have infected about 1500 POS terminals including accounting systems and grocery management platforms.

The compromised POS sytems are from Argentina, Australia, Austria, Bangladesh, Belgium, Brazil, Canada, Chile, China, Czech Republic, Denmark, Estonia, France, Germany, Hong Kong.

POS sytems have also been affected from countries including India, Indonesia, Israel, Italy, Japan, Mexico, Netherlands, New Zealand, Poland, Portugal, Russian Federation, South Africa, Spain, Switzerland, Taiwan, Turkey, UK, USA, Uruguay, Venezuela and Zambia.

The botnet affected POS systems could make small businesses and grocery stores from these countries vulnerable to attacks.

IntelCrawler said in a post, "We predict an increasing number of new data breaches in both sectors in the next few years, as well as the appearance of new types of specific malicious code targeted at retailers' backoffice systems and cash registers.

"The nature of POS-related crimes can be different from country to country, but it shows the insecurity of modern payment environments."

"The bad actors combine several attack vectors in order to infect operators' stations - "drive-by-download" and remote administration channels hacking."

According to the researchers, the botnets could be a handiwork of a bad actor from Serbia.

The researchers also expect that the POS malware could become a part of RAT/Trojans and other harmful software acting as a module, which may be used along with keylogger and network sniffing malware.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

761 people like this.
2017 people follow this.

Security Intelligence

Buy the latest industry research online today!
See more

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.