jackpos


This whitepaper is the first of a series of FortiGuard Technical Analyses that go in-depth into the inner workings of malware. In this paper we take a look at the malware known as Soraya. Soraya is unique in that it combines the form-grabbing techniques seen in the ubiquitous Zeus and the memory-parsing techniques seen in Point of Sale (POS) malware such as Dexter and JackPOS. In this report, we join Junior AV Analyst Hong Kei Chan in dissecting Soraya: how Soraya installs itself; how Soraya grabs the contents of forms; how Soraya parses its target's...
by Richard Henderson  |  Jul 14, 2014  |  Filed in: Security Research
In a previous blog post on Dexter, we briefly mentioned a new strain of point-of-sale (PoS) malware that has compromised over 4,500 credit cards in the United States and Canada. This new strain of malware, dubbed JackPOS, was detected early this year and between then and the time of writing, has had just one version, but with multiple variants. In this blog post, we look briefly at the unique attributes of JackPOS: its custom pattern matching and its command-and-control (C&C) communication. We will conclude with quick remarks on the newest...
by Hong Kei Chan  |  Jun 24, 2014  |  Filed in: Security Research