Ever since the Target data breach came into the limelight, there has been a constant stream merchants/retailers publicly disclosing data breach incidents.
According to Trend Micro, in addition to an increased number of data breaches, 2014 also brings an increase in the number of new PoS RAM scraper families.
The earliest evidence of PoS RAM scraping was in Visa’s Data Security Alert issued on October 2, 2008. Back then, cyber criminals attempted to install debugging tools on PoS systems to dump Tracks 1 and 2 credit card data from RAM. In 2009, Verizon also reported of PoS RAM scrapers alongside its victim profiles; targets were primarily the retail and hospitality industries. PoS RAM scraper families really started to evolve around the end of 2011. What stands out in the PoS RAM scraper family tree is the high concentration of new variants that have emerged in 2014 alone. Six variants of this scraper family emerged between 2011 and 2013, but researchers discovered the same number of variants in 2014 alone.