New Breaches Tied to Evasive Malware

Backoff Malware Strikes New Orleans Restaurant, Perhaps UPS

As news of a malware attack that compromised some 105,000 point-of-sale transactions at UPS Stores begins to unfold, a restaurant in New Orleans announces that it has been targeted by Backoff, an emerging POS malware strain that is hitting smaller merchants across the U.S.

UPS says it initiated an investigation into possible POS network intrusions after federal authorities issued an alert about emerging malware, including the new memory-scraping POS malware known as Backoff, which had been identified in a handful of recent forensics investigations tied to retail breaches.

On July 31, the Department of Homeland Security, the Secret Service and the Financial Services Information Sharing and Analysis Center issued the alert about Backoff, which typically infects POS systems through the compromise of a remote-access portal.

Experts say that what makes Backoff attacks so fruitful is that they are typically waged against numerous merchants simultaneously through the exploitation of a single remote-access or third-party vulnerability.

And while details surrounding the breaches at UPS, as well as the breach involving New Orleans restaurant Mizado Cocina, are just emerging, industry experts speculate that these breaches and many others could be related - and could be linked to a remote-access attack or third-party breach, similar to the one that compromised Target Corp. in late 2013.

Merchants, payment processors, banking institutions, software providers and other third parties must be more diligent about protecting the portals that allow hackers in, experts contend. And securing remote-access ports is a good place to start.

Investigation Continues

UPS has declined to comment about whether the malware it found on its POS systems was, indeed, Backoff, noting that its investigation into the breach is ongoing. But Mizado Cocina already has confirmed that Backoff was the malware used in its breach.

"We're still continuing the investigation," says UPS spokeswoman Chelsea Lee. "The reason we issued the notification now was to alert potentially impacted customers."

In an Aug. 21 statement, UPS says it began auditing all POS systems at UPS Stores after receiving the July 31 DHS alert about the rise in POS malware attacks, including several linked to Backoff.

"As soon as we became aware of the potential malware intrusion, we deployed extensive resources to quickly address and eliminate this issue. Our customers can be assured that we have identified and fully contained the incident," says UPS Store President Tim Davis.

Mizado Cocina's Breach

In an FAQ issued Aug. 19, Mizado Cocina says its breach appears to have compromised credit and debit transactions conducted between May 9 and July 18.

"The restaurant had originally been alerted earlier this summer by concerned guests who had received fraudulent charges soon after dining at Mizado Cocina," the FAQ states. The restaurant's IT company subsequently scanned the system, quarantined the suspicious malware and replaced the affected hardware on July 18.

"The U.S. Secret Service was contacted, as well as credit card processors and forensics experts, and an immediate investigation was initiated to better understand the nature and scope of the incident," the restaurant says.

"While the exact type of virus [Backoff] was not specifically identified until July 31, the forensic analysis confirmed that IT's security scan had successfully eliminated the malware and the security compromise was contained," the restaurant says. "Mizado has been safely and securely processing credit cards with full protection since July 18."