Complex ModPOS Malware Infects Point-of-Sale Terminals in Lead up to Christmas Spend Frenzy

By Cameron Abbott and Meg Aitken

While the festive season approaches and retailers prepare for their busiest time of the year, a sophisticated form of point-of-sale malware, known as ‘ModPOS’, has reared its ugly head and is targeting payment terminals in the U.S.

It is estimated that the first ModPOS data hacks occurred in 2013 and that millions of credit and debit cards used at a broad variety of U.S. retailers have since been compromised. The unique complexity of the code, which experts say has never been seen before in malware, made it tricky to decipher.

Cyber security experts have warned that ModPOS has the ability to not only “scrape” credit and debit card numbers from the memory of point-of-sale terminals, but that the multifaceted code also records keystrokes of computer operators and transmits stolen data. If that isn’t enough, the malware is particularly difficult to detect and is reportedly capable of infiltrating despite security software and data controls.

More details about ModPOS malware can be found here.

Copyright © 2019, K&L Gates LLP. All Rights Reserved.