Self-Service Food Kiosk Vendor Avanti Hacked

ronjor · Jul 8, 2017

Avanti Markets, a company whose self-service payment kiosks sit beside shelves of snacks and drinks in thousands of corporate breakrooms across America, has suffered of breach of its internal networks in which hackers were able to push malicious software out to those payment devices, the company has acknowledged. The breach may have jeopardized customer credit card accounts as well as biometric data, Avanti warned.
Click to expand...

https://krebsonsecurity.com/2017/07/self-service-food-kiosk-vendor-avanti-hacked/

EASTER · Jul 8, 2017

On Friday evening, security firm Risk Analytics published a blog post that detailed an experience from a customer who shared a remarkably similar experience to the one referenced by the anonymous law firm source above.
Click to expand...

https://www.riskanalytics.com/blog/...o-a-break-room-near-you-point-of-sale-malware

EASTER · Jul 8, 2017

Further, this might also be of some interest. Looks like they turned to COMODO for some insurance against any repeat.

Reached for comment about these allegations, Bevo POS CEO Onur Haytac responded by acknowledging that a very small subset of its customers were indeed the victim of PoSeidon.

“Was Bevo POS ever breached? No, however, Windows was. Bevo POS is Point of Sale application (not cloud based) that is both PCI compliant and encrypts all credit card data,” he explained. “The malware identified, PoSeidon, which pushes itself with DLL injection and backdoor Trojans, is a keylogger with memory scraping that breached Windows, and as I’m sure you are aware, Microsoft’s security essentials anti-virus and windows updates do not recognize or stop many of the newer more unique threats. The same day we were alerted to a possible compromise, our engineers found an executable that had been recently installed in Windows at that location, called ‘Winhost.exe.’”

According to Haytac, the company learned of the incidents on March 15. He said the breach occurred with memory scraping as the data passed through while Windows was sending the data to the Bevo application, basically capitalizing on a ‘millisecond gap’ between the systems.

“A mere 0.26% of customers (13 out of 6,500) were effected and we not only identified the malware within 24 hours (5 days before it was publicly reported by the security experts), we had created a PoSeidon killer tool, and swept every customers machine within a week. Actual Windows breaches of our customers only occurred over a two day period.”

Haytac said the most frustrating aspect of the ordeal so far is that all of its customers have some form of Windows anti-virus software and that none of these applications were able to recognize the malware.

“So to prevent future possibilities of this ‘gap’ in the system being tapped again by relentless hackers, we have made an agreement with Comodo to create a new-age containment software that includes anti-virus,” he said. “We are pushing this to all our customers, closing the gap between these breach techniques and Windows OS. We are due to ship this weekend as we are in final stages of testing. Windows is obviously not our product to protect, however our customers are, so we are doing it regardless and without cost to them.”
Click to expand...

https://krebsonsecurity.com/2015/04/pos-providers-feel-brunt-of-poseidon-malware/

itman · Jul 8, 2017

The malware identified, PoSeidon, which pushes itself with DLL injection and backdoor Trojans,
Click to expand...

Sound familiar?

EASTER · Jul 8, 2017

itman said: ↑

Sound familiar?
Click to expand...

Yep.

It's made enough rounds already in the press that security measures should be stepped up everyplace where that potential might still be lurking.

Log in or Sign up

Self-Service Food Kiosk Vendor Avanti Hacked

ronjor Global Moderator

EASTER Registered Member

EASTER Registered Member

itman Registered Member

EASTER Registered Member

Log in or Sign up

Self-Service Food Kiosk Vendor Avanti Hacked

ronjor Global Moderator

EASTER Registered Member

EASTER Registered Member

itman Registered Member

EASTER Registered Member

Useful Searches