Point-of-Sale (POS) malware is nothing new, and the Alina malware – which cyber criminals use to scrape credit card numbers from POS systems – has been around for many years. New intelligence from CenturyLink’s Black Lotus Labs, however, revealed that criminals are not yet done with Alina, and they continue to find new ways to use it to steal unsuspecting victims’ credit- and debit-card data.
Read More: GlobalFintechSeries Interview with Patrick Turiano, Director of Marketing at Paysafe Group
The theft was discovered after one of Black Lotus Labs’ machine-learning models flagged unusual queries to a specific domain in April 2020. Rigorous research determined that the Alina POS malware was utilizing Domain Name System (DNS) – the function that converts a website name into an IP address – as the outbound communication channel through which the stolen data was exfiltrated.
“Black Lotus Labs is releasing this intelligence in support of our mission to leverage our global network visibility to protect our customers and keep the internet clean,” said Mike Benjamin, head of Black Lotus Labs. “We will continue to monitor this situation as we work to eliminate the threat. We strongly recommend that all organizations monitor DNS traffic for suspicious queries to prevent this and other threats.”
Read More: Healthfully and Paya Deliver Expanded Patient Care and Payments Through New Partnership
