Targeted Malware Used in Florida Restaurant PoS Breach
Lucian Constantin writes on Softpedia Security News:
A $200,000 credit card fraud is suspected to have resulted from hackers compromising the Point-of-Sale (POS) system at a Florida restaurant with malware specifically designed for it.
Dave Wendland, the owner of Julie's Place, a Tallahassee eating house dating back to 1978, began learning from his customers of fraudulent out-of-state charges on their credit cards back in July.
Soon afterward he was contacted by the Leon County Sheriff's Office Financial Crimes Unit, which was investigating a $200,000 fraud involving over 100 payment cards, that were all used at his business.
The investigation is still underway, but a technician with the company that installed the Point-of-Sale system at the restaurant has found evidence that hackers penetrated its firewall and deployed malware specifically targeting that model of card terminals.
The terminals are called Aloha and are manufactured by Radiant Systems, one of the largest providers of such systems in the country.
According to BankInfoSecurity, a Radiant representative stressed that the company's product is not vulnerable and blamed the restaurant for not employing enough security layers, as required under PCI.