FIN8 tries to breach U.S. hotel with new malware variant, researchers say

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/fin8-tries-breach-u-s-hotel-new-malware-variant-researchers-say/

By Sean Lyngaas
CYBERSCOOP
June 11, 2019

A criminal hacking group tried to breach the computer network of a U.S. hotel 
using a variant of malware the group had last deployed in 2017, according to 
research from endpoint security firm Morphisec.

FIN8, as the financially-driven group is known, made several upgrades to its 
ShellTea malware, aiming it at the network of the hotel between March and May, 
according to Morphisec. Researchers believe it was an attempted attack on a 
point-of-sale (POS) system, or one that processes payment card data. The 
intrusion attempt was blocked.

In a blog post published Monday, Morphisec warned of the vulnerability of POS 
networks to groups like FIN8.

“Many POS networks are running on the POS version of Window 7, making them more 
susceptible to vulnerabilities,” wrote Morphisec CTO Michael Gorelik. “The 
techniques implemented can easily evade standard POS defenses.”

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_