
As consumers, having the ability to make purchases using our debit or credit card certainly makes our lives easier. Unfortunately, with that ease comes risk. According to cyber-threat intelligence company IntelCrawler, the PoS (point-of-sale) systems of over 1400 worldwide small businesses and retailers have been infected by botnet “Nemanja,” potentially compromising the credit card data and other personally identifiable information (PII) of millions of consumers worldwide.
What Are Bots And Botnets?
Whenever you see the word botnet, just think of an unfriendly network of private computers that cybercriminals, otherwise known as bot-herder owners and operators, has infected with malicious viruses and malaware without the owners’ knowledge. Attacks come in the form of viruses, phishing and spam email, click fraud, and malicious sites. In simple terms, these criminals install malaware, harvest data, and go on to commit fraud.
Nemanja, in particular, utilizes keylogging and has mostly affected grocery management and accounting systems.
Some 2013 PoS Data
Here are some facts about PoS data breaches that might surprise you:
- 14% of confirmed data breaches were attributed to PoS
- PoS systems were leading hacker targets
- Brick-and-mortar retailers were the most common targets, e.g. restaurants, hotels, and grocery stores
Source: 2014 Verizon Data Breach Investigations Report
Has A Bot Invaded Your Home?
We recently wrote about the Blackshades RAT malaware and the threat it poses to consumers at home. Here are some additional symptoms you should look for should a bot succeed in installing malaware on your personal computer:
- Your computer’s moving at a slug’s pace
- A browser that’s cluttered with “stuff” you never downloaded
- Your computer settings have changed and you’re having trouble resetting them
- All of the sudden, you’re bombarded with pop-up ads
Short of paying cash, there’s very little that consumers can do to protect themselves from botnet attacks on PoS systems. As consumers, we’ll need to rely on retailers to do their part to keep our personal information safe. But if history is any predictor of the future, we’d be wise to regularly monitor our financial statements and credit reports. Whether it’s the Nemanja botnet, or next week’s botnet, botnets are indiscriminate and put our financial well-being at risk.