This article is about the malware. For backoff in computer networking, see Exponential backoff.

Backoff is a kind of malware that targets point of sale (POS) systems. It is used to steal credit card data from point of sale machines at retail stores. Cybercriminals use Backoff to gather data from credit cards. It is installed via remote desktop type applications where POS systems are configured. It belongs to the POS malware family, as it is known to scrape the memory of POS devices.

Operation

Backoff malware injects a malicious stub into the explorer.exe file to gain access to POS machines, and it scrapes the victim machine's memory from the running processes. It searches this memory for leftover credit card data after a payment card has been swiped. Cybercriminals have produced different variants of Backoff, some of which are equipped with keylogging functionality. Some Backoff variants have a command-and-control (C2) component that lets the malware upload the victim's personal data, download malware onto the victim's POS machine, and uninstall the malware.

Incidents

Backoff malware was aggressive, with about 16.2% infected in the third quarter of 2014. A survey by the Department of Homeland Security (DHS) states that thousands of businesses have been infected by Backoff POS malware. Network security company Damballa recorded a 57 percent increase in Backoff infections during August 2014. Big companies like Home Depot, Target and Dairy Queen suffered from Backoff infections, and many more smaller companies may be infected.

See also

Cyber electronic warfare
Cyber security standards
Cyber warfare
List of cyber attack threat trends
Proactive Cyber Defence
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.