Dive Brief:
- Malware called TreasureHunt is targeting retailers’ swipe point-of-sale systems to tap credit card information, said cybersecurity firm FireEye.
- The malware taps card information from processes running in the systems’ memory and transmits it to a server operated by a member of a cybercriminal forum.
- Two out of five U.S. retailers haven’t yet converted to EMV systems, which are resistant to interception malware like TreasureHunt.
Dive Insight:
Breaches resulting from a malware strain that intercepts consumer credit card information from swipe-based point-of-sale systems and relays data to cybercriminals are on the rise, according to cybersecurity firm FireEye.
The current malware epidemic results from custom-built software known as TreasureHunt, which is reportedly disseminated by BearsInc, a member of an “underground cybercrime forum dedicated to credit card fraud” that enables users to buy and sell stolen payment information, a FireEye blog post says. A user named “Jolly Roger” developed the TreasureHunt software.
Chip-and-PIN (EMV) cards will eventually make data-piracy techniques like TreasureHunt obsolete, FireEye said, but U.S. retailers have been notoriously slow to implement the technology. “Many cybercriminals are looking to take advantage of memory-scraping POS malware while it still works,” said FireEye researcher Nart Villeneuve.
While FireEye says that small businesses that continue to use swipe payments are particularly vulnerable, large companies such as Costco and Kmart still haven’t converted the majority of their systems to EMV, either.
EMV takes its name from the three companies that created its chip-integrated standard (Europay, MasterCard and Visa). Each time a chip-enabled card is used, it creates a unique and dynamic transaction that’s significantly more fraud-resistant.
Retailers that fail to implement EMV systems could be liable for more than $8 billion in fraudulent transactions each year. TreasureHunt and similar malware may provide the wake-up call U.S. retailers need to realize that their systems aren’t immune to data breaches and financial liability.