The Indian Computer Emergency Response Team (CERT-In) has issued a warning of the new malware which has been identified as BrutPoS.
CERT-In which works under the department of information technology said “It has been reported that malware variants targeting point-of-sale (POS) systems, dubbed ‘BrutPOS’, is speading.”
“BrutPOS mainly targets Windows-based system by leveraging web as the main infection vector apart from being downloaded by other malware families,” it added.
Head of business development at SISA Information Security, Nitin Bhatnagar said “BrutPOS malware identifies the system that has weak username/passwords and tries to exploit them. These username-passwords combinations are typically default like admin-admin or admin-password.”
“Although we can get an idea of the number of devices that are infected, we cannot identify the devices themselves. The malware is designed in such a manner that it does not have a label and is named identical to some of the Windows system files,” he added.
POS devices based on internet protocol (IP traffic) gets affected by the new malware; card machines connected through phone lines will not be affected.