FBI Raid Chinese POS Terminal in Suspected Cyber Attack Scheme
Table of Contents
- By David Lukic
- Published: Dec 10, 2021
- Last Updated: Mar 18, 2022
The FBI and other federal agencies raided several Chinese POS terminals owned by PAX Technology in Florida on October 26, 2021. Independent cybersecurity expert Brian Krebs said security concerns spurred the investigation after an unknown U.S. payment processor noticed "unusual network packets" from the company's payment terminals.
PAX Technology, a division of China-based PAX Global Technology Ltd., processes millions of transactions in shops worldwide, and said there were no allegations of misconduct.
What Happened?
The FBI raid was linked to reports that PAX's systems could be involved in cyber attacks on US and EU organizations. Suspicions that their terminals were used as a staging point for hacking and collecting information prompted the raid.
Brian Krebs told BBC News that a major US payment processor made claims about PAX terminals.
The US payment processor alleged that
“the Pax terminals were used both as a malware ‘dropper’ - a repository for malicious files - and as ‘command-and-control’ locations for conducting attacks and collecting information.”
The source also accused the UK security service MI5 of involvement in the investigation.
An FBI official told BBC News it had searched three locations in Jacksonville, Florida.
What is the FBI claiming?
The FBI, in partnership with Homeland Security Investigations, Customs and Border Protection, the Department of Commerce and Naval Criminal Investigative Services, claims a court-approved search was carried out with the support of the Jacksonville Sheriff's Office to support a federal investigation.
According to the Federal Bureau of Investigation, the investigation is still active and ongoing.
How did PAX Technology respond?
A senior executive overseeing security at PAX Technology has resigned after the raids by US investigators.
According to her LinkedIn profile, Patty Walters, former senior vice president of security and services, worked at payment terminals in Jacksonville, Florida for nearly three years. She confirmed her resignation to Bloomberg but declined to comment on the circumstances of her resignation.
Meanwhile, a spokesperson for the company confirmed in a statement that it received a sudden visit from the FBI and other agencies, but was unaware of any illegal conduct by it or its employees, and sought legal advice to learn more about the investigation.
Pax UK's letter to customers obtained BBC News says they are currently dealing with no security problems and can confirm there have been no security breaches or compromised data.
"No confidential customer information or transaction data was sent from any Pax device sold in the US or UK,"
it said.
The company in a statement said no allegation of wrongdoing had been made.
"Pax Technology takes security seriously. As always, Pax Technology is actively monitoring its environment for possible threats. We remain committed to providing secure and quality software systems and solutions. Pax Technology is not aware of any illegal conduct by it or its employees, and is in the process of engaging counsel to learn more about the events that led to the investigation."
Pax Technology Corporate in Hong Kong also revealed they would release a global response by the end of the week.
