U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US Food Payment Kiosk Vendor Avanti Markets Hacked, Biometric data stolen

US payment kiosk vendor Avanti Markets that installs its self-service payment devices in corporate breakrooms across America suffered a security breach. The US payment kiosk vendor Avanti Markets that installs its self-service payment devices in thousands of corporate breakrooms across America suffered a security breach. According to the popular investigator Brian Krebs who first reported the news, the systems of the company were infected […]

US Food Payment Kiosk Vendor Avanti Markets Hacked, Biometric data stolen

US payment kiosk vendor Avanti Markets that installs its self-service payment devices in corporate breakrooms across America suffered a security breach.

The US payment kiosk vendor Avanti Markets that installs its self-service payment devices in thousands of corporate breakrooms across America suffered a security breach.

According to the popular investigator Brian Krebs who first reported the news, the systems of the company were infected by a malware that stole customer data including names, e-mail addresses, credit card accounts as well as biometric data.

Avanti Markets, a company whose self-service payment kiosks sit beside shelves of snacks and drinks in thousands of corporate breakrooms across America, has suffered of breach of its internal networks in which hackers were able to push malicious software out to those payment devices, the company has acknowledged.” wrote Brian Krebs.”The breach may have jeopardized customer credit card accounts as well as biometric data, Avanti warned.”

The company admitted the breach and it is informing people that their data were exposed.

“On July 4, 2017, we discovered a sophisticated malware attack which affected kiosks at some Avanti Markets. Based on our investigation thus far, and although we have not yet confirmed the root cause of the intrusion, it appears the attackers utilized the malware to gain unauthorized access to customer personal information from some kiosks.” states the data breach notification issued by the Avanti Markets. “Because not all of our kiosks are configured or used the same way, personal information on some kiosks may have been adversely affected, while other kiosks may not have been affected.” 

Biometric data that were allegedly stolen by hackers are fingerprints, used by the company to allow users to make rapid payments.

Avanti Markets already notified law enforcement the security breach and launched an internal investigation. In response to the security breach, the company cleaned the affected machines, changed its passwords, blocked payment processing at affected locations.

Avanti Markets will offer affected individuals free credit monitoring and a call centre helpline.

“Another source told this author that Avanti’s corporate network had been breached, and that Avanti had made the decision to turn off all self-checkouts for now — although the source said customers could still use cash at the machines.” continues Krebs.

According to a Krebs’s source that has spoken under a condition of anonymity, the company did not adopt basic security measures to project data, such as the P2Pe encryption.

“I was told that about half of the self-checkouts do not have P2Pe,” the source said, on condition of anonymity. P2Pe or “point-to-point encryption,” and it’s a technology that encrypts sensitive data such as credit card information at every point in the card transaction.

“In theory, P2Pe should be able to protect card data even if there is malicious software resident on the device or network in question.” 

The analysis conducted by Risk Analytics revealed that cyber criminals used the PoSeidon malware, a memory scraper malware that is able to steal data directly from the memory of the PoS systems. According to the experts, the PoS malware was used by Russian cybercriminals to target payment systems worldwide.

Avanti Markets hacked

Cisco Security Team spotted for the first time the malware in March 2015, the experts defined it as the most sophisticated PoS malware at the time of the discovery.

Experts at Risk Analytics believes the threat actor has been active since 2015, they observed that the traffic they identified matched Cisco’s 2015 analysis of PoSeidon and uses the same SSL certificate spotted by Cisco experts in past investigation.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Avanti Markets, PoSeidon POS malware)

[adrotate banner=”13″]