View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Hundreds of POS systems infected with Nemanja botnet

The botnets could be a handiwork of a bad actor from Serbia.

By CBR Staff Writer

Security researchers from IntelCrawler have detected botnets called Nemanja which said to have infected about 1500 POS terminals including accounting systems and grocery management platforms.

The compromised POS sytems are from Argentina, Australia, Austria, Bangladesh, Belgium, Brazil, Canada, Chile, China, Czech Republic, Denmark, Estonia, France, Germany, Hong Kong.

POS sytems have also been affected from countries including India, Indonesia, Israel, Italy, Japan, Mexico, Netherlands, New Zealand, Poland, Portugal, Russian Federation, South Africa, Spain, Switzerland, Taiwan, Turkey, UK, USA, Uruguay, Venezuela and Zambia.

The botnet affected POS systems could make small businesses and grocery stores from these countries vulnerable to attacks.

IntelCrawler said in a post, "We predict an increasing number of new data breaches in both sectors in the next few years, as well as the appearance of new types of specific malicious code targeted at retailers’ backoffice systems and cash registers.

"The nature of POS-related crimes can be different from country to country, but it shows the insecurity of modern payment environments."

"The bad actors combine several attack vectors in order to infect operators’ stations – "drive-by-download" and remote administration channels hacking."

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

According to the researchers, the botnets could be a handiwork of a bad actor from Serbia.

The researchers also expect that the POS malware could become a part of RAT/Trojans and other harmful software acting as a module, which may be used along with keylogger and network sniffing malware.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.