There is a constant threat looming over the POS (Point-Of-Sale) of the North American fuel dispenser system. Moreover, the attack is supposedly carried out by the cybercrime groups, as reported by the security alert published by VISA.
According to the PFD ( Visa Payment Fraud Disruption), there have already been their attacks on the organization during the summer of 2019. There was a warning given in the last year of November as well. The Warning was a stern statement regarding the increasing attacks of threat groups. The leading cause of these attacks has been pointed out due to a lack of security concerns and not compliance with the PCI, as per the reports of DSS.
Fuel Dispenser Merchants Are The Real Victims
According to the reports of the PFD, in the first incidents of attacks, the attackers used phishing emails. This helped them enormously to compromise with their target. Therefore, allowing them to easily infect systems working on RAT (Remote Access Trojan). Once with the RAT, there was direct access to the network. Thereby, all the credentials with high-level security were easily accessed through the company’s POS system.
The attackers in their last stage deployed a RAM scraper. This helped them to collect all the information related to the customer payment card data. This was how the attackers precisely carried on their first attack.
However, in the second and third attacks, they used malicious tools. As per the reports of the PFD, during the later attacks, these people used TTP (Tactics, Techniques, and Procedures), which was one step above the previous attacks. Moreover, during the later attacks, these cybercriminals attacked the financially secure FIN8 cybercrime Group as well.
As part of the plan of the second attack, the attackers use the unknown location to get all the network access. Thereby, they could easily affect the network access with the previously used theory of RAM Scrapper. This was also the idea followed in the third attack, as well.