Numaan Huq (Senior Threat Researcher at TrendLabs) recently discovered something interesting on a retail POS network. A commercial Data Leakage Prevention (DLP) product (specifically, Ground Labs’ Card Recon software) was installed. The interesting thing was that the DLP software was NOT installed by the rightful owners of the network, but by the bad guys! Numaan speculates on why he thinks they deployed the software here, but you have to think that the bad guys chose CardRecon over regex for the same reason a QSA would, right?
END, next comes the ad: