‘Backoff’ Malware Steals Directly From POS Systems

Whenever news of the latest data breach hits the airwaves, chances are it’s already too late. Why? As stories gain coverage, consumer awareness rises and preventative measures start being implemented, which is exactly why cybercriminals are constantly upping the ante to stay ahead of the curve.

With that in mind, every day new malware threats emerge, developed with the intent of infiltrating and infecting computers to enable hackers to steal valuable private information from businesses. The “treasure” malicious hackers are after can vary, yet personal data and payment card information such as credit card numbers are top targets.


Point-of-Sale (POS) outlets (which have become standard in small business environments for payment card processing) connect to online systems and present an extremely enticing target for cybercriminals using malware for their exploits. One of the most effective exploits in recent years has proven to be the Backoff group of malware programs, which specialize in spreading to POS software running on Windows systems.

Backoff Forwards Customer Data to Criminal Hackers

Backoff attacks begin when hackers penetrate the defense systems of the computers involved in business processes. Vulnerabilities such as unprotected internet connections, weak passwords and outdated firewalls let hackers into your IT systems with greater ease.

At this point, the attacker downloads files into your computers that are encoded to avoid detection, while simultaneously uploading private data back to his computer. Backoff malware is particularly effective because of its ability to accept patches that help the program evolve to remain hidden while discovering new sources of potentially valuable information.

Since Backoff attaches to POS systems, this malware is adept at recording credit card numbers, names, addresses, account information and any other personal or financial information that criminals can use to steal funds or commit identity theft.

Prevention Avoids Punishment

Companies such as Supervalu and Dairy Queen have experienced data theft by hackers using Backoff, leading to the compromise of millions of credit cards and countless reams of private customer data. In fact, more than 1,000 retailers may already suffer from data theft due to this group of malware. Even worse, many of these companies still might not know that they’ve been compromised.


Considering a recent court ruling that allows the FTC to pursue damages due to negligent online security, companies need to make sure that all potential vulnerabilities are sealed off from online attacks. Taking care of the basics is no longer just an important part of building trust with customers; it’s also a legal requirement that must be upheld to avoid prosecution.

Implementing the best-fit protections against malicious infiltration means that your business needs to cover multiple vectors of attack. Wireless routers, hard drives and cloud storage should be encrypted. Firewalls and anti-virus programs should repel intrusions. IT systems should be consistently monitored and configured to immediately report unauthorized users.

Having a complete suite of online security diminishes the power of malware intrusions and helps make sure attacks like Backoff don’t have a chance. A cost-effective solution that provides maximum protection involves partnering with a trusted managed service provider (MSP). With the help of a full-service IT support team, you can even the playing field and give your small to medium-sized business (SMB) the same lockdown security enjoyed by large enterprises.

Know you need to get started but feeling a bit overwhelmed by PCI-DSS Compliance or cybersecurity in general? Get started with a free onsite network assessment today to identify your existing vulnerabilities before the bad guys do!
