Skip to main content

Hackers stole passwords from 140,000 payment terminals using malware

An Android-based payment system has been affected by hackers who have been able to infiltrate its database and gain access to 140,000 payment terminals globally, according to TechCrunch.

The brand, Wiseasy, is well known in the Asia-Pacific region, with its payment terminals used in restaurants, hotels, retail outlets, and schools. Its accompanying Wisecloud cloud service is used for remote management and configuration for its customer’s terminals.

The Wiseasy point of sale system on a table.
Image used with permission by copyright holder

Hackers were able to gain access to Wiseasy’s systems through employees’ computer passwords being stolen by malware and ending up on the dark web marketplace, according to cybersecurity firm Buguard, which shared the information with TechCrunch.

Recommended Videos

Buguard is a penetration testing and dark web monitoring startup that observed the hacking of Wiseasy and noted that the bad actors were able to gain control of two of the company’s cloud dashboards, including an “admin” account. Notably, the popular payment system brand lacked commonly recommended security features, such as two-factor authentication.

The publication was able to view screenshots of Wiseasy’s “admin” user account, which shows how the service can control payment terminals remotely, have access to various user data, and have configuration control, such as being able to add users, seeing Wi-Fi names, and plaintext passwords of connected payment terminals. Access in the wrong hands can easily cause such a situation.

Buguard also said its attempts to warn Wiseasy of the security issue began in early July, but the scheduled meetings ended up getting canceled and were never held. At this point, Buguard chief technology officer Youssef Mohamed says he’s unable to say whether the breach has been resolved. However, a Wiseasy spokesperson, Ocean An, told TechCrunch that the company had fixed the issue in-house and added two-factor authentication to its systems.

It remains unknown whether Wiseasy will directly tell customers about this hack, however.

Many cyber-security issues have to do with hackers working to take over control of various programs or services from the back end. A recently resolved zero-day vulnerability was Follina (CVE-2022-30190), which granted hackers access to the Microsoft Support Diagnostic Tool (MSDT).

This tool is commonly associated with Microsoft Office and Microsoft Word. Hackers were able to exploit it to gain access to a computer’s back end, granting them permission to install programs, create new user accounts, and manipulate data on a device.

Early accounts of the vulnerability’s existence were remedied with workarounds. However, Microsoft stepped in with a permanent software fix once hackers began to use the information, they gathered to target the Tibetan diaspora and U.S. and E.U. government agencies.

Fionna Agomuoh
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
The robot takeover comes another step closer — at Amazon
An Amazon robot working inside one of the company's warehouses.

Amazon is close to having more robots operating inside its warehouses than humans after the e-commerce giant announced this week that it now has more than a million robots working at its facilities around the world.

Over the years, Amazon has spent billions of dollars on the development and deployment of warehouse-based robots, which handle an array of tasks once performed by human workers.

Read more
This Lenovo ThinkPad laptop is over $1,400 off — hurry while stocks last!
The Lenovo ThinkPad T14 Gen 5 Intel laptop on a white background.

Now's an excellent time to take advantage of laptop deals from Lenovo, which has slashed the prices of a wide range of devices for its Black Friday in July sale. Lenovo's ThinkPad laptops are up to 45% off, and here's one of the most interesting offers available with such a discount — the Lenovo ThinkPad T14 Gen 5 at $1,440 off its estimated value of $3,199, so you'll only have to pay $1,759. That's an excellent price for this fantastic productivity tool, but you're going to have to push forward with your purchase as soon as possible because stocks may run out at any moment.

BUY NOW

Read more
Early Prime Day deal: Samsung’s 27-inch Odyssey G3 at its annual low price
Samsung Odyssey G3 gaming monitor on desk with keyboard and headset.

If you're ready to upgrade your monitor, this Samsung deal over at Amazon just might be your best bet. The 27-inch version of Samsung's Odyssey G3 is $130 right now, a full $100 off its regular $230 price and its lowest price of the year. It's a part of early Prime Day deals and a good sampling of what we can expect for the shopping holiday, which officially lands on July 8th. Tap the button below to see it for yourself or keep reading to see why we like this deal and why this should be your next monitor.

Buy Now

Read more