ABSTRACT
With the growing importance of cyber-physical system security, Point of Sale (POS) devices have become a target for attackers. Large-scale attacks on POS devices have frequently occurred over the past few years. Attackers try to access data using advanced malware. Technological advancement is helping to stop POS intrusions. With the introduction of mobile operating systems and the inclusion of mobile applications, new threats are opening for POS systems. New malware are implementing new algorithms to avoid existing detection techniques. In this book chapter, we describe examples of POS attacks. Different types of POS systems are discussed. The functionality of memory scraper and comparison between old BlackPOS and new malware is addressed. Network sniffers are always essential for leaking users data. A brief overview of network sniffers, along with the mechanisms used nowadays for POS attacks are also covered in this chapter. Research on mobile applications and the vulnerability we found in those applications are demonstrated with examples. Some examples of malicious applications along with algorithms they use to leak data are included. Mitigation approaches are proposed to defend against POS malware including application of secure mobile software development.
