What to do in the wake of the Backoff malware attack

Consumer Reports

July 31, 2014 at 6:45 PM

Retailers, restaurants, and other businesses have a new form of malware to fight, called Backoff. This latest form of cybercrime attacks remote-desktop applications that are used by point-of-sale systems, picking up credit cards and other consumer information along the way.

Details about Backoff were released today in a report by the Department of Homeland Security and the U.S. Secret Service. The malware is so new that anti-virus programs don't yet have the signatures to detect it.

About 600 brick-and-mortar businesses, large and small, were affected by the malware, according to Karl Sigler, threat intelligence manager for Trustwave, a security company that helped uncover the malware. Names of the businesses have not been released yet, since a criminal investigation is ongoing.

Backoff allows cybercriminals to infiltrate the remote-access software often used by vendors of point-of-sale systems when problems arise with those systems. Once Backoff gets access to the remote software (often because of weak passwords), it waits for credit-card info to be entered, encrypts it, and sends the numbers to cyberthieves, Sigler said. Backoff can both log keystrokes, for example when a clerk manually enters a credit card number, or scrape credit and debit card data from the system’s memory.

Check our buying guide and Ratings of security software. And learn more about online security.

“There have been no signs of fraudulent activity [on credit cards] yet,” Stigler said. “It can be alarming, but in the end, this is just shining a light on the fact that these vendors aren’t using best practices to prevent this kind of attack.”

Ironically, he adds, online shopping is a bit more secure than shopping in physical stores. “Your own computer is more in your control,” Stigler said.

—Donna Tapellini

Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
22h ago
Yahoo Sports
WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not
Here are five franchises who stood out, for better or for worse.
8d ago
Yahoo Sports
Report: Jets trading QB Zach Wilson to Broncos
Wilson's starting over in Denver.
22h ago
Yahoo Sports
NFL mock draft 2024: With one major trade-up, it's a QB party in the top 5
Our final 2024 mock draft projects four quarterbacks in the first five picks, but the Cardinals at No. 4 might represent the key pivot point of the entire board.
2d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
16h ago
Yahoo Life
Here’s when people think old age begins — and why experts think it’s starting later
People's definition of "old age" is older than it used to be, new research suggests.
1d ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
3d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
3d ago
Yahoo Sports
Ryan Garcia drops Devin Haney 3 times en route to stunning upset
The 25-year-old labeled "mentally fragile" by many delivered the upset for the ages.
2d ago
Autoblog
The new Ford Mustang's V8 is available as a crate engine
Ford offers the new Mustang's updated 5.0-liter Coyote V8 as a crate engine, and it also sells a supercharger kit that unlocks a total of 810 horsepower.
1d ago
Autoblog
The 10 car brands most expensive to maintain over 10 years
Consumer Reports' ranking of the most- and least-expensive vehicles sounds a concerning alarm bell about a few European brands.
1d ago
Yahoo Sports
Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal
Dan Wetzel, Ross Dellenger & SI’s Pat Forde react to the huge performance this weekend by Texas QB Arch Manning, Michigan and Notre Dame's spring games, Jaden Rashada entering the transfer portal, and more
20h ago
Yahoo Sports
Lions' new uniforms get leaked early, and they find some humor in it
The Lions' new uniforms got released prematurely.
5d ago
Yahoo Sports
Yankees manager Aaron Boone ejected after fan mouths off to home plate umpire
You don't see an ejection like this every day.
22h ago
Yahoo Sports
Pass or Fail: Broncos release 'Mile High Collection,' first new uniforms in over 25 years
The Broncos may have committed the greatest fashion faux pas there is: being boring.
1d ago
Yahoo Sports
Robert Kraft reportedly warned Falcons owner Arthur Blank not to trust Bill Belichick during head coach interviews
Bill Belichick's former boss Robert Kraft reportedly tanked his chances of getting hired as the Falcons head coach.
6d ago
Yahoo Sports
Arch Manning puts on a show in Texas' spring game, throwing for 3 touchdowns
Arch Manning gave Texas football fans an enticing look at the future, throwing for 355 yards and three touchdowns in the Longhorns' Orange-White spring game.
3d ago
Yahoo Sports
NBA Playoffs: Lillard sinks the Pacers, Celtics-Heat controversy, plus injury concerns for Kawhi & Embiid
Vincent Goodwill and Amin Elhassan react to (just about) every Round 1 game of the NBA Playoffs after the first games have been played over the weekend.
18h ago
Yahoo Sports
Tom Brady will be mercilessly mocked in Netflix's 'Greatest Roast of All Time' comedy special
Get ready for a lot of jokes about Tom Brady never eating strawberries and divorcing one of the most successful supermodels in history.
1d ago
Yahoo News
A rare 'devil comet' will reach peak brightness this weekend. Here's how you can see it.
On Sunday, the rare devil comet will reach its closest point to the sun, creating an illuminating sky show. Here is how skygazers can watch it.
3d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

Trump's hush money trial resumes as ex-National Enquirer boss testifies

What to do in the wake of the Backoff malware attack

Recommended Stories

Based on the odds, here's what the top 10 picks of the NFL Draft will be

WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not

Report: Jets trading QB Zach Wilson to Broncos

NFL mock draft 2024: With one major trade-up, it's a QB party in the top 5

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

Here’s when people think old age begins — and why experts think it’s starting later

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

The new Ford Mustang's V8 is available as a crate engine

The 10 car brands most expensive to maintain over 10 years

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Lions' new uniforms get leaked early, and they find some humor in it

Yankees manager Aaron Boone ejected after fan mouths off to home plate umpire

Pass or Fail: Broncos release 'Mile High Collection,' first new uniforms in over 25 years

Robert Kraft reportedly warned Falcons owner Arthur Blank not to trust Bill Belichick during head coach interviews

Arch Manning puts on a show in Texas' spring game, throwing for 3 touchdowns

NBA Playoffs: Lillard sinks the Pacers, Celtics-Heat controversy, plus injury concerns for Kawhi & Embiid

Tom Brady will be mercilessly mocked in Netflix's 'Greatest Roast of All Time' comedy special

A rare 'devil comet' will reach peak brightness this weekend. Here's how you can see it.