back to article Backoff malware attacks hit 'more than 1,000 big businesses', warns US government

A Point-of-Sale malware attack that struck shipping outfit UPS has compromised the networks of a "significant" number of major businesses in the US, according to the country's Homeland Security office. The US administration's Computer Emergency Readiness Team (CERT) advised administrators and operators of PoS systems to …

Anonymous Coward

I thought

POS stood for something else.

1
0
Silver badge

Re: I thought

In this case, I think it's the same thing.

4
0
Anonymous Coward

So this works because :

1) Windows is being used to run POS systems

2) The security is lax allowing any old software to be installed

3) The POS terminals apparently can connect to the internet.

Can I just ask Why?????

1
0
Silver badge

I can answer question 3. They connect to the internet to contact the bank in order to complete the transaction, and to record details of the sale in the head office inventory and accounting systems.

1
0
Anonymous Coward

But surely that would be all routed through a secure proxy - what seems to have happened here is that the POS system terminal has carte blanche to connect to the internet and to connect to any site that it wants....didn't ANYONE even consider that this was a very stupid thing to do?

1
0
Silver badge

Why?

I can answer all three:

-Not just Windows, but windows XP in most cases

-Again, windows XP

-POS terminals are using the Internet as a remote repair back door

Lovely, innit?

0
0
Silver badge

Most likely their security was out of date. Seen that FAR too many times.

0
0

Why not use Windows Hate?

Malware could never find anything because of jumping tiles in 8. Really, a simpler OS is likely safer. Just write them in DRDOS. and have a hardware firewall.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums