In the 19 months between February 2021 and September 2022, two point-of-sale (POS) malware operators have stolen more than 167,000 payment records, mainly from the US, according to researchers at Group-IB. The researchers were able to retrieve information about infected machines and compromised credit cards by analyzing a command and control (C2) server used by the malware.
POS malware is designed to steal debit and credit card data from POS machines in retail stores. It does this by harvesting the temporarily unencrypted card data from the machine’s memory. Due to improved security measures against this type of theft in most countries, this type of malware isn't as widely used as it once was, although it never disappeared completely. more here