In the case of the StarDust campaign, IntelCrawler found malicious code that exploits vulnerabilities in ClearviewPOS, a PoS software program popular in the food service industry.
Dexter version 2 (Stardust) and version 3 (Revolution) can inject code into specific ClearviewPOS processes to monitor its memory, Komarov said.
Smaller businesses are likely an easier target for PoS attacks because of their reduced security, the Arbor Networks researchers said. "While the attackers may receive less card data from smaller retailers, infections may be more numerous and last longer due to the lack of security reporting and security staff in such environments."
The Arbor Networks researchers expect more sophisticated PoS malware threats to be developed and used by cybercriminals in the future. "It is only a matter of time before evolution in tactics takes place, therefore network defenders need to be well prepared to protect PoS and other financially sensitive systems that will continue to be a target for financially motivated threat actors."
Sign up for CIO Asia eNewsletters.