Criminal hacking group FIN8, known for a flurry of attacks in 2017 followed by a period of silence in 2018 until re-emerging earlier this year, has recently carried out three attacks against point-of-sale (POS) systems, including two against North American fuel dispenser merchants, Visa Payment Fraud Disruption said.
Visa said the attacks on fuel dispenser merchants aimed to steal credit card data directly from the POS systems. As is usually the case, the hacker’s success was due to a mix of human mistakes and lack of proper security protocols.
To steal credit card data, hackers need to go through a number of steps. In the FIN8 attack, it started with an employee opening a phishing email, which installed a Remote Access Trojan (RAT) on the merchant network and granted the threat actors network access.