Have you heard of DMSniff?
If you're in the restaurant, entertainment, or retail business and you haven't heard of it, this article is likely to dismay you. It's the latest threat being deployed against those industries.
Researchers from the cybersecurity company Flashpoint now believe that DNSniff malware has been lurking in the wild since at least 2016.
It has proved to be notoriously hard to detect, which explains why we're just now hearing about it. Even worse, the hackers behind the software have been specifically targeting small to medium-sized companies that rely heavily on credit card transactions to survive, These companies don't typically have the resources to deploy state of the art security measures.
The details
One of the key features of this malware strain is that it uses a DGA (Domain Generation Algorithm) to create command and control domains on the fly, which makes it incredibly resistant to blocking mechanisms and takedowns. For instance, if law enforcement officials raid a site, confiscate servers, and shut down a domain, DNSniff keeps doing its thing. It will simply spawn a new command and control domain and continue to transmit stolen data.
Although DGA's are employed by other forms of malware, finding it built into the core functionality of code designed to be injected and run on POS machines is a new twist the researchers hadn't seen coming.
In addition to that, DNSniff also utilizes a string-encoding routine, which enables it to hide even when actively searched for. This makes it more difficult for security personnel to uncover the inner workings of the code.
Our perspective
The goal for the hackers, of course, is to siphon off as many credit card numbers and as much other payment information as they can. They then bundle the stolen data and resell it on the Dark Web. The group behind DNSniff has been wildly successful. If you're in any of the businesses we mentioned at the start, make sure your staff is aware of this latest threat, and stay on your guard.
The author
Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available at dwpia on LinkedIn, at dwpia on Facebook, and @dwpia on Twitter.
Denis S Wilson
I am President and Principal Consultant for DWP Information Architects: specializing in managed IT support for smaller healthcare practices, clinics, insurance companies, and nonprofit companies in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance.
I am also a published author and speaker, working extensively with organizations that include: the State of California, the Federal Bureau of Investigation (FBI), the Small Business Administration (SBA), SCORE, Women's Business Centers, and Small Business Development Centers. As well as providing small business technology education programs through business and professional associations.
Contact me if you would like me to speak at your meeting.
Meanwhile, check out this report
Executive Report: 10 Hidden IT Risks That Might Threaten Your Business
