Malware News Shoddy server configuration gives researchers glimpse into PunkeyPOS

frogboy

PandaLabs researchers claim to have hacked into the server that controls the PunkeyPOS malware, which has been targeting restaurants in the U.S.

Despite the password protections in place, PandaLabs was able to access the server without credentials because the bad guys behind the attacks didn't properly configure it, researchers said in a June 23 post.

Once in the server, researchers saw where PunkeyPOS sends the stolen information and were also able to see where nearly 200 POS terminal infections were located. Most of the victims were in the United States; however, there were a few in Europe, Asia and Australia.

Researchers also said they found a panel that allowed the criminals to access the stolen data, re-infect victims, and update current POS bots. The version number of the PunkeyPOS variant was dated April 1, 2016, meaning it was a recent campaign, according to the post.

Researchers said in the post that they left their findings “at the disposal of American law enforcement so they can take the appropriate actions.”


Full Article. Shoddy server configuration gives researchers glimpse into PunkeyPOS
 