the first malware that targeted POS point of Sale systems was built for specific software and hardware and wanted only the credticard information
now from a specific malware it has grown into a platform to attack any vendor system for any reason
"Some recent POS investigations have revealed organized crime groups distributing malicious code and compromising networking environments of merchants and credit card devices, including ticket vending machines and electronic kiosks installed in public places and mass transport systems. One of the compromised devices was found in Sardinia in August 2014, giving the bad actors unauthorized access to it through VNC.
but the infections are only starting (one in Holland, one in France but none in Belgium for the moment)
it also means that the period of security by obscurity is over for these systems and that anti-cocal hackers will give us free coke (or none at all) or free busrides or just want to get pincodes on any access system (to have some physical penetration afterwards ?)