CenturyLink’s Black Lotus Labs revealed that attackers are not yet done with Alina and continue to look for new ways to use it to steal credit and debit card data from unsuspecting victims.
Point-of-Sale (POS) malware is not new. Alina has been around for several years, yet cybercriminals are not done with it and are still searching for new methods of stealing debit and credit card information from unsuspecting victims.
Point of Sale malware is a security threat
In April 2020, the data theft was identified after one of Black Lotus Labs’ machine-learning models flagged unusual requests to a particular domain. After careful examination, it was determined that the Alina POS malware was using the Domain Name System (DNS). The stolen data was exfiltrated through an outbound channel in DNS, the function that converts a website name to an IP address.
Mike Benjamin, head of Black Lotus Labs, stated that the company is publishing this information in support of its goal of using its global network visibility to protect its clients and keep the internet secure and clean. He added that the team will continue to monitor the situation as it works to eradicate the threat. Black Lotus Labs strongly recommends that all companies and organizations monitor DNS traffic for suspicious queries to limit current and future threats.
Importance of DNS
Credit card processing systems usually run in Windows environments, which lets them be targeted with the existing skills of the crimeware market. Even though credit card processing happens in highly restricted environments, there may be cases where DNS goes unmonitored. As a result, it is exposed to cybercriminals who use it to extract credit card information, which is later sold in dark web criminal markets.
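One way to act on the recommendation to monitor DNS for suspicious queries, as an added example that is not code from Black Lotus Labs or the original article: a small Python check that flags a client sending many long, random-looking subdomains to a single domain. It goes beyond the article, which does not describe how Alina encodes the data; the log format, thresholds, hosts and domain names are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver log, one "client_ip query_name" pair per line.
# The log format, hosts and domains are assumptions made for this example.
SAMPLE_LOG = """\
10.0.5.21 www.example.com
10.0.5.21 mail.example.com
10.0.5.21 static-assets-cdn-eu-west-region-01.example.org
10.0.5.40 k3x9q7m2z8v4b6n1c5j0hgfdsa.exfil-test.example
10.0.5.40 p0o9i8u7y6t5r4e3w2q1lkjhgf.exfil-test.example
10.0.5.40 z1x2c3v4b5n6m7a8s9d0fghjkl.exfil-test.example
10.0.5.40 m5n4b3v2c1x0z9l8k7j6hgfdsa.exfil-test.example
10.0.5.40 www.example.com
"""

def entropy(s):
    """Shannon entropy in bits per character."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def registered_domain(qname):
    # Naive "last two labels"; production code should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def suspicious_domains(log_text, min_unique=4, min_len=24, min_entropy=3.5):
    """Return (client, domain, count) where one client sent many long,
    random-looking subdomains to a single registered domain."""
    seen = defaultdict(set)  # (client, domain) -> distinct subdomain strings
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # skip malformed lines
        client, qname = parts
        domain = registered_domain(qname)
        sub = qname.rstrip(".").lower()[: -len(domain)].rstrip(".")
        if sub:
            seen[(client, domain)].add(sub)
    findings = []
    for (client, domain), subs in sorted(seen.items()):
        encoded = [s for s in subs if len(s) >= min_len
                   and entropy(s.replace(".", "")) >= min_entropy]
        if len(encoded) >= min_unique:
            findings.append((client, domain, len(encoded)))
    return findings

if __name__ == "__main__":
    for client, domain, count in suspicious_domains(SAMPLE_LOG):
        print(f"{client} -> {domain}: {count} encoded-looking subdomains")
```

Requiring several distinct encoded-looking names per client and domain keeps a single long but legitimate hostname, such as the CDN entry in the sample, from raising an alert.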