Skip to main content
  1. Home
  2. Computing
  3. News

Hackers stole passwords from 140,000 payment terminals using malware

Add as a preferred source on Google

An Android-based payment system has been affected by hackers who have been able to infiltrate its database and gain access to 140,000 payment terminals globally, according to TechCrunch.

The brand, Wiseasy, is well known in the Asia-Pacific region, with its payment terminals used in restaurants, hotels, retail outlets, and schools. Its accompanying Wisecloud cloud service is used for remote management and configuration for its customer’s terminals.

The Wiseasy point of sale system on a table.
Image used with permission by copyright holder

Hackers were able to gain access to Wiseasy’s systems through employees’ computer passwords being stolen by malware and ending up on the dark web marketplace, according to cybersecurity firm Buguard, which shared the information with TechCrunch.

Recommended Videos

Buguard is a penetration testing and dark web monitoring startup that observed the hacking of Wiseasy and noted that the bad actors were able to gain control of two of the company’s cloud dashboards, including an “admin” account. Notably, the popular payment system brand lacked commonly recommended security features, such as two-factor authentication.

The publication was able to view screenshots of Wiseasy’s “admin” user account, which shows how the service can control payment terminals remotely, have access to various user data, and have configuration control, such as being able to add users, seeing Wi-Fi names, and plaintext passwords of connected payment terminals. Access in the wrong hands can easily cause such a situation.

Buguard also said its attempts to warn Wiseasy of the security issue began in early July, but the scheduled meetings ended up getting canceled and were never held. At this point, Buguard chief technology officer Youssef Mohamed says he’s unable to say whether the breach has been resolved. However, a Wiseasy spokesperson, Ocean An, told TechCrunch that the company had fixed the issue in-house and added two-factor authentication to its systems.

It remains unknown whether Wiseasy will directly tell customers about this hack, however.

Many cyber-security issues have to do with hackers working to take over control of various programs or services from the back end. A recently resolved zero-day vulnerability was Follina (CVE-2022-30190), which granted hackers access to the Microsoft Support Diagnostic Tool (MSDT).

This tool is commonly associated with Microsoft Office and Microsoft Word. Hackers were able to exploit it to gain access to a computer’s back end, granting them permission to install programs, create new user accounts, and manipulate data on a device.

Early accounts of the vulnerability’s existence were remedied with workarounds. However, Microsoft stepped in with a permanent software fix once hackers began to use the information, they gathered to target the Tibetan diaspora and U.S. and E.U. government agencies.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Apple’s Hide My Email feature has an unfixed bug that leaves email addresses exposed
100% exploitable in limited testing, known since June 2025, and still unfixed as of today.
apple-merging-sign-in-with-apple-hide-my-email-icloud+

Apple has been selling Hide My Email to keep your real email address hidden, but it has a vulnerability that does the exact opposite. The worst part is that the company has known about it for a year. 

Hide My Email, part of Apple’s paid iCloud+ subscription, lets users generate anonymous email addresses for signing up to a website, so that their personal or work email remains free of promotional emails and spam. 

Read more
I hate sharing my Mac, but a face-unlocking app finally cured my privacy paranoia
Someone finally built the app locker every Mac user has been asking for.
FaceGate in action on Mac

If you have ever handed your Mac to a friend, family member, or coworker for "just a minute," you know the mild panic that follows. Sure, your Mac has a lock screen, but once someone is past it, they can open Messages, Photos, Notes, Mail, WhatsApp, and your browser.

iPhones had the same issue, but Apple solved it by adding an app lock feature with the iOS 18 update. Sadly, no such feature exists for macOS. That’s where the new FaceGate app for Mac can help you. It’s a free and open-source app that lets you lock apps on your Mac and even has some novel tricks up its sleeve. So, let’s talk about it, shall we?

Read more
The charm of a tiny Windows tablet is apparently dead at Microsoft. Long live the Surface Go!
Microsoft’s budget Surface era may be over
Microsoft Surface Go 3 stand.

Microsoft might be cleaning up its Surface lineup. According to Windows Central, Microsoft has stopped manufacturing the Surface Go and Surface Laptop Go lines, with no successors currently planned. Surface Go 4 and Surface Laptop Go 3 are reportedly out of stock in most places, and once remaining retail stock is gone, that may be it.

If this is true, then we are looking at the end of the brand's budget Surface PCs as Microsoft has plenty of premium Windows hardware.

Read more