Visa has identified three separate attacks that began last summer targeting gas station and hospitality merchant’s point of sale systems with the cybergang Fin8 being considered the likely perpetrator.
The credit card company’s Payment Fraud Disruption department found that two unnamed “fuel dispenser merchants” and a North American company in the hospitality field were infiltrated, injected with malware that was used to either directly or indirectly steal payment card data.
The attacks took place during the summer of 2019 and went after track 1 and track two-type payment cards, those using magnetic strips. Cards based using EMV chip, point-to-point encryption and tokenization were not affected. No details on the number of customers impacted was given by Visa.
The attack on the first gasoline retailer utilized a phishing attack on a company employee to gain access and once this was accomplished installed a remote access trojan. The criminals then scouted out the network and were able to move laterally through the network to the POS system due to the lack of network segmentation between the cardholder data environment and the corporate network.
Once ins ..
Support the originator by clicking the read the rest link below.
