Published on October 28th, 2021 📆 | 8089 Views ⚑
0PAX Technology Raided by FBI, Suspected Ties to Cybercrime
A prominent Chinese tech firm that sells hardware to companies throughout the world is currently under investigation after being accused of facilitating cyberattacks on various American and European targets.
On Tuesday, a swarm of FBI agents raided the Florida offices of Pax Technology, a large, Chinese-owned point-of-sale manufacturer that sells millions of payment terminals (POS) to companies all over the globe. POS terminals are essentially payment kiosks. While you may not recognize the term, youâve definitely used one before. They can be found pretty much everywhereâfrom supermarkets to gas stations to your local dive bar (wherever you need to swipe a credit card, a POS terminal will be there).
News of the raid on PAX was originally broken by WOKV, a local Florida news outlet, which reported Tuesday that the FBI, Department of Homeland Security, and other agency officials were conducting âan investigationâ at the businessâs warehouse in Jacksonville. When queried by reporters, the FBI put out the following statement about their activities:
âThe FBI Jacksonville Division, in partnership with Homeland Security Investigations, Customs and Border Protection, Department of Commerce, and Naval Criminal Investigative Services, and with the support of the Jacksonville Sheriffâs Office, is executing a court-authorized search at this location in furtherance of a federal investigation. We are not aware of any physical threat to the surrounding community related to this search. The investigation remains active and ongoing and no additional information can be confirmed at this time.â
While that doesnât give us a whole lot of clarity on the situation, security journalist Brian Krebs has reported that the company is being investigated for its potential role in facilitating cyberattacks on various American and European targets. A trusted source told Krebs that the companyâs point-of-sale devices were supposedly being used as a storage space for malware as well as a âcommand and controlâ center, whereby attacks could be deployed and data stolen.
âFBI and MI5 are conducting an intensive investigation into PAX,â the source told Krebs. âA major US payment processor began asking questions about network packets originating from PAX terminals and were not given any good answers.â
G/O Media may get a commission
Chill out
Get capsules, topicals, tinctures, and more in a variety of strengths at a steep markdown.
That payment processor would appear to be Worldpay from FIS. On Wednesday, Bloomberg News reported that the company had recently begun replacing PAX-manufactured point-of-sale devices with those made by two competitor firms. The replacements, which started prior to news of the federal investigation, were spurred by concerns over odd network activity emanating from PAXâs POS terminals. When asked about the activity by Worldpay, PAX reportedly did not give âsatisfactory answers,â a spokesperson told the outlet.
Krebs points outâand itâs a well-known factâthat point-of-sale terminals are common targets for cybercriminals and that the devices are frequently hijacked by hacker groups for the purposes of credential theft and malware distribution. It wouldnât require a company to be criminally involved for its equipment to be commandeered, and PAX has reportedly claimed that the inquiries into its business are âracially and politically motivated,â Krebs writes.
When reached for comment, a representative from PAX provided Gizmodo with a statement it has been sharing with customers. We have partially reproduced it here. According to the company, they have not been accused of any âwrongdoingâ:
You may be aware that yesterday the PAX Technology Inc. warehouse and office in Jacksonville (Florida, USA) were subject to an unexpected law enforcement agency visit in connection with an ongoing investigation. No allegation of wrongdoing has been made against PAX as of Tuesday 26th October 2021.
So, yeah, itâs all a little foggy as to whatâs going on here, other than a whole lot of business disruption for PAX. We reached out to the Justice Department for further comment and will update this story if they respond.
Gloss