pos malware

GamaPoS has received a fair amount of attention since its discovery, in part because the use of .NET is (currently) unique among PoS malware and in part because it leverages the versatile Andromeda botnet. At its core, though, GamaPoS is a scraper designed to steal payment data from the RAM of PoS systems.  GamaPoS is the first documented PoS malware to be written in .NET. Malware written in .NET comes with its advantages and its disadvantages, both for authors and researchers. The most obvious benefit for its authors is that it... [Read More]
by RSS Hong Kei Chan  |  Jul 20, 2015  |  Filed in: Industry Trends
In a previous blog post on Dexter, we briefly mentioned a new strain of point-of sale (PoS) malware that has compromised over 4,500 credit cards in the United States and Canada. This new strain of malware, dubbed JackPOS, was detected early this year and between then and the time of writing, has had just one version, but with multiple variants. In this blog post, we look briefly at the unique attributes of JackPOS: its custom pattern matching and its command-and-control (C&C) communication. We will conclude with quick remarks on the newest... [Read More]
by RSS Hong Kei Chan  |  Jun 24, 2014  |  Filed in: Security Research
Hong Kei Chan, Junior AntiVirus Analyst Special Technical Contribution by Liang Huang, Senior Antivirus Analyst Dexter, a custom point-of-sale (POS) malware, has the ability to search through the memory of POS systems for credit and debit card information. POS malware have been making headlines this year, from Target's data breach -- where it has been reported that approximately 40 million credit and debit card accounts had been compromised (Source) -- to more recently, a new strain of POS malware compromising over 4,500 credit cards in the United... [Read More]
by RSS Hong Kei Chan  |  Mar 10, 2014  |  Filed in: Security Research