Business owners using Point of Sale (POS) systems may need to add extra security. An extremely stealthy malware targeting credit card data, identified as Multigrain, has recently been detected. This malware uses an integral and essentially unmonitored component of the internet, the Domain Name System (DNS), to covertly steal information.
A Malware that Uses Undetectable Shortcuts
The overwhelming necessity and everyday use of DNS is what makes Multigrain so threatening. FireEye, the cyber security group that discovered Multigrain, said, “Using DNS for data exfiltration provides several advantages to the attacker.” Because DNS is necessary for POS operations, it is “unlikely to be blocked.”
Multigrain uses DNS to bypass antivirus tools. It sneaks its way into Windows processes that use credit card information, gathers financial data, and sends it to command and control servers through DNS. If you haven’t yet taken protective measures to prevent an attack on your company’s data, now is the time.
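Because DNS usually cannot be blocked on a POS network, the practical defensive answer is to monitor it. The following is an added example, not code from FireEye or from this article: it scans a DNS query log and flags any client that sends many distinct long, high-entropy names under one parent domain. The thresholds, host names and domains are assumptions, and the sample log is constructed.

```python
import base64
import hashlib
import math
from collections import Counter, defaultdict

MIN_LABEL_LEN = 30   # assumed threshold: ordinary hostnames rarely have labels this long
MIN_ENTROPY = 3.5    # assumed threshold, in bits per character
MIN_UNIQUE = 3       # assumed threshold: distinct suspicious names per client and domain

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def parent_domain(name):
    """Last two labels of the name (simplification: ignores public-suffix rules)."""
    return ".".join(name.rstrip(".").lower().split(".")[-2:])

def looks_encoded(name):
    """True if any label left of the parent domain is long and high-entropy."""
    labels = name.rstrip(".").lower().split(".")[:-2]
    return any(len(l) >= MIN_LABEL_LEN and entropy(l) >= MIN_ENTROPY for l in labels)

def find_dns_exfil(queries):
    """Return {(client, parent_domain): count} for pairs with many distinct encoded-looking names."""
    seen = defaultdict(set)
    for client, name in queries:
        if looks_encoded(name):
            seen[(client, parent_domain(name))].add(name.lower())
    return {k: len(v) for k, v in seen.items() if len(v) >= MIN_UNIQUE}

def _blob(i):
    """Constructed stand-in for an encoded payload: base32 of a hash, 52 characters."""
    digest = hashlib.sha256(b"constructed-%d" % i).digest()
    return base64.b32encode(digest).decode().lower().rstrip("=")

# Constructed sample log: (client, queried name). All hosts and domains are placeholders.
SAMPLE_QUERIES = [
    ("pos-01", "www.example.com"),
    ("pos-01", "gateway.processor.example"),
    ("pos-02", "time.example.net"),
    ("pos-02", "d1a2b3c4e5f6g7h8i9j0k1l2m3n4o5p6.cdn.example"),  # long label, but seen only once
] + [("pos-02", "%s.ns.collector.example" % _blob(i)) for i in range(5)]

if __name__ == "__main__":
    for (client, domain), n in find_dns_exfil(SAMPLE_QUERIES).items():
        print(f"ALERT {client}: {n} distinct encoded-looking names under {domain}")
```

The single long CDN-style name is not flagged, because the alert requires several distinct encoded-looking names from the same client under the same parent domain.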
The Building Blocks of the Internet
If you are unfamiliar with DNS, you can think of it as the Yellow Pages of the Internet. It translates the names people type, such as website addresses, into the numeric addresses that computers and the internet use. Each time you do something online, DNS will remember which “yellow page” to look up, so to speak, and will guide you more quickly and efficiently.
Gone Without a Trace
Multigrain is also equipped with a self-destruct function. If the malware does not find the server software package used for back-end authorization, it will not install and will delete itself. “This shows that while developing or building their malware, the attackers had a very specific knowledge of the target environment and knew this process would be running,” the researchers at FireEye said.
Tips To Help Prevent a Data Breach
While experts have not developed an exact solution for this malware, Forbes recommends backing up data often, investing in good antivirus software and using encryption for important files.
Experts are calling for a large-scale defensive upgrade in data protection and secure servers. If you believe your information may be at risk, call 816-781-3006 today.