Backoff Retail Malware Pulls User Info From POS Systems

While Backoff is only now being publicly disclosed, it has already had a large impact. Sigler noted that Trustwave is currently working on four post-breach forensics investigations that involve the Backoff malware. Across all four, nearly 600 businesses have been infected, and he expects more to come in.

In a brute-force attack, the hacker repeatedly tries username and password combinations until they gain access. According to US-CERT, as of July 31, antivirus technologies were not detecting Backoff, though that is now likely to change, thanks to the advisory.