Sign up for our newsletter
Technology / Cybersecurity

Oracle PoS system whacked with data scraping malware, says Trend Micro

An Oracle point-of-sales (PoS) platform is under threat from malware designed to steal the credit card details of customers, according to the security vendor Trend Micro.

MalumPoS, which scrapes data from an infected machine’s random access memory, is thought to be targeting the 330,000 customer sites which interact with Oracle Micros, a platform which caters to the food, hospitality and retail industries.

Jay Yaneza, a threat analyst at Trend Micro, said in a blog post: "Every time the magnetic stripe of a credit card is swiped, the malware can steal stored data such as the cardholder’s name and account number.

"This data can then be exfiltrated and used to physically clone credit cards or, in some cases, commit fraudulent transactions like online purchases."

White papers from our partners

To infiltrate systems the virus was said to disguise itself as a Nvidia graphics driver, styling itself as "NVIDIA Display Driv3r", which could appear legitimate to the casual user.

Though the research from Trend Micro showed MalumPoS targeting Oracle systems, Yaneza said that the virus was "designed to be configurable", and could be altered to attack other sales systems from vendors such as Radiant or NCR.

He also said that the malware could target sales systems that work through the web browser Internet Explorer, which will soon be phased out as Microsoft introduces its successor Edge.

"A bulk of the companies using this platform is mostly concentrated in the United States," Yaneza said.

"If successfully deployed by a threat actor, this PoS RAM scraper could put several high-profile US-based companies and their customers at risk."

Oracle could not be reached for comment at this time.
This article is from the CBROnline archive: some formatting and images may not be present.