- A group of hackers are reportedly repurposing penetration testing tools to break into the networks of small and medium-size businesses worldwide, CIO reported.
- The goal of the attacks appears to be to infect point-of-sale systems with malware.
- The attacks started in September, and hackers are utilizing port scanners, brute-force password guessing tools, SMTP (Simple Mail Transfer Protocol) scanners, remote desktop viewers and other attack applications, according to Trend Micro.
Hackers are using the penetration testing tools to identify weak spots in the networks of various organizations.
"Networks with weak password practices are likely to fall victim to this initial penetration testing stage," Trend Micro researchers said.
Once the attackers break in, they then use additional tools to compromise PoS systems. Once they have access to a PoS system, the attackers “install a memory scraping program that scan the system's RAM for payment card details that are passed from the card reader to the retail software.”
According to Trend Micro, the attackers have compromised businesses in the U.S., Australia, India, Taiwan, Germany and the U.K.