Vulnerabilities in German POS systems could lead to MitM attacks

Image Source: Article

Image Source: Article

A pair of researchers demonstrated vulnerabilities in German banks and their retail payment systems that could allow cybercriminals to steal payment card information and more at the Chaos Communication Congress in Hamburg, Germany on Dec. 27.

Researchers Karsten Nohl and Fabian Bräunlein of Security Research Labs in Berlin showed what they called “shopshifting” attacks that exploited the lack of authentication factors in the ZVT and Poseidon communication protocols used by the card readers that could allow an attacker to perform man-in-the-middle (MitM) style attacks through a retailer's network via WI-FI or Ethernet connection.

Read the full article