As if the number of hacking threats against¬†point of sale terminals was not troublesome enough, a new banking malware is making the rounds. Floki Bot is targeting financial institutions and POS data¬†in the US, Brazil, and Canada. This banking malware draws many similarities to Zeus, another infamous Trojan. All of this goes to show that Bitcoin payments remain, by far, the most secure payment solution in the world right now.
Floki Bot Banking Malware Is A Grave Concern
Consumers and enterprises relying on traditional finance have seen their fair share of issues in recent years. Not only are banks behaving in an immoral manner now and then, but hackers and criminals are targeting the financial sector more often than not. Banking malware is of primary concern of late, as the number of threats continues to grow.
Floki Bot, a newly discovered Trojan targeting point of sale systems, has security researchers concerned more than ever before. Both Cisco Talos and Flashpoint issued similar reports on the new Trojan, as the malware is on a steady march towards becoming a global threat. More Importantly, dark web users are also getting their hands on this source code due to its unprecedented potential.
The fact this malware can be bought and sold on the darknet is not a positive development for point of sale terminal owners by any means. Cybercriminals always try to leverage the latest tools to attack systems and monetize their efforts. Floki Bot may provide them with exactly that opportunity, as there is no fix in place just yet.
Some people may recall the Zeus banking Trojan, which was infamous in 2011 and 2012. Floki Bot, although existing in multiple iterations, borrows a lot of the source code form Zeus. But there is a different method of obtaining the malware right now, as the person selling this malware is a top player in the online criminal circuit.
The Infecting of¬†point-of-sale terminals will, in most cases, occur through a remote execution attack. People are redirected to visit websites laden with the malware payload or open a Word macro in an email that will install the Trojan itself. Some spear phishing attempts have been recorded as well, indicating that criminals are not shy of targeting a large community of potential victims.
Point-of-sale terminals are of particular interest to criminals because of the vast amounts of payment data they process. Payment cards are a valuable commodity on the darknet. Bitcoin users will not be targeted by this banking malware, though, as cryptocurrency operates well beyond the scope of traditional finance.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.