Retailers Beware: TreasureHunter source code released

Recently, a cybersecurity research firm announced that another Point of Sale (POS) malware attack was released into the wild. In this instance, it was the source code for malware called TreasureHunter.

While the malware itself has been around since 2014, the fact that the source code is now readily available will likely spawn a new round of TreasureHunter variants. Enterprises should be vigilant and implement best practices to combat these types of attacks:

• Updates to security tools: Most of the enterprise-grade anti-malware solutions have signatures for these kinds of malware attacks. But detection is only as good as the latest definitions and signature updates. Companies should have an automated way of downloading and updating anti-virus and anti-malware definitions into their environments, ensuring that these tools are always running with the latest information.

• Updates to applications: POS systems have been prime targets for hackers for some time now, and the best of these systems provide application-level security to address these concerns. Companies need to make certain that they are running the latest version of these applications, especially when they have been updated to address security vulnerabilities.

• Updates to Infrastructure: Many of the vulnerabilities found today take advantage of antiquated IT infrastructure and security tools. Companies need to adopt and deploy modern security solutions – tools based on the principles of Zero Trust and identity-centric security solutions like those employed by software-defined perimeter technology. In the case of POS malware, network segmentation of critical credit card data is extremely important, and a mandated requirement by financial institutions and credit card companies.

These kinds of attacks will continue to proliferate through POS environments, as they are generally easy targets for bad guys. Implementing a modern information security strategy that includes best practices and tools based on zero trust principles will allow companies to proactively address these potential security vulnerabilities.

Chris Steffen is the technical director at Cyxtera, which delivers a secure platform for connecting and protecting dedicated infrastructure, private clouds and public clouds.