Microsoft patched a zero-day vulnerability in the Windows operating system that was used in real-world attacks to escalate user privileges and help crooks deliver malware to PoS (Point of Sale) systems.
Security firm FireEye says the criminal group behind this campaign targeted more than 100 North American businesses, mainly in the retail, hospitality and restaurant industries.
The group created its own brand of malware
The company also reveals the presence of two never-before-seen malware families, PUNCHBUGGY and PUNCHTRACK, used only by this threat group.
PUNCHBUGGY is a simple DLL file, modified to allow crooks to request and download files from a remote server via HTTPS. PUNCHTRACK is classic PoS malware that can scrape the memory of PoS systems for Track 1 or Track 2 card data.
FireEye says that on March 8, it saw a new exploit against the Windows platform employed in this group's campaign.