Serengeti protects against Backoff Malware

In the wake of an estimated 1000 breaches, including large North American retailers and following warnings from the United States Computer Emergency Readiness Team (US-CERT) and the Payment Card Industry Security Standards Council (PCI SSC), leading forensic investigator, Foregenix, has developed a cybercrime detection and prevention solution for retailers to protect their payment environments.

US-CERT estimates that over 1000 businesses have been hit by Backoff, with only a few already having identified that they have been attacked, meaning hundreds of infected businesses will be currently leaking sensitive data to fraudsters with potentially every card purchase taken in-store.

With recent analysis by Authentify estimating the true cost of the Target breach alone reportedly to be roughly $3.5 billion, retailers can’t ignore the risk.

Used to great effect to contain severe malware infestations across a number of well-known global retail brands, Serengeti, from Foregenix, provides cybercrime detection and prevention capabilities to retail organisations. The Foregenix forensic team is constantly identifying and researching emerging threats to ensure that clients remain protected.

While Backoff is an extremely clever and resilient piece of malware, using Serengeti will contain the data compromise and prevent Backoff from stealing any more data from the POS systems.

This will put a hold on any further compromise and provide the retailer time to implement more secure payment systems, such as EMV Chip and Signature or PCI Point-to-Point Encryption (PCI P2PE) , in order to mitigate the threat of future malware attacks on the POS systems.

Speaking about the solution, CEO of Foregenix, Andrew Henwood, said:

“Serengeti gives back control to the retailer following a compromise. The solution has been controlling one of the world’s most widely distributed attacks for over 18 months during and following a comprehensive forensic investigation. Deploying Serengeti has enabled the affected businesses to implement secure payment systems, while ensuring that their customers’ details are safe and allowing them to restore trust and limit the potentially crippling commercial impact.”

“As both US-CERT and the PCI SSC have identified, the issue of malware attacking the Point-of-Sale environment is a significant and growing threat and retailers need to act now to avoid becoming a victim.”

If you suspect you may have been infected, contact Foregenix on info@foregenix.com to see how Serengeti can help.