Results 1 to 9 of 9
More POS malware, just in time for Christmas
This is a discussion on More POS malware, just in time for Christmas within the Everyday Life forums, part of the Community channel category; More POS malware, just in time for Christmas VXers stuff evidence-purging malware in retailer stockings. Threat researchers are warning of ...
- 16-11-15, 10:05 AM #1
More POS malware, just in time for Christmas
More POS malware, just in time for Christmas
VXers stuff evidence-purging malware in retailer stockings.
Threat researchers are warning of two pieces of point of sales malware that have gone largely undetected during years of retail wrecking and now appear likely to earn VXers a haul over the coming festive break.
The Cherry Picker and AbaddonPOS malware, exposed in the last week, are the latest evolution in stealthy and capable point of sales credit and debit card plundering.
Cherry Picker has been targeting retail businesses since 2011 and now sports new anti-analysis tricks, persistence mechanisms, and better card ripping functionality.
Trustwave researcher Eric Merritt says the malware is expert at wiping evidence of itself after an attack has occurred, overwriting files multiple times and removing data exfiltration locations.
The memory-scraping malware runs on Windows platforms including Windows 7 and the hard-to-kill XP, running remote administration services.
It targets retailers in the food industry running any POS software.
Proofpoint's contribution to the bad news was its description of the Abaddon point of sales malware, which also sports anti-analysis, obfuscation, and wiping tricks.
The researchers found Abbadon on seven client networks that had been delivered after a Vawtrak infection.
"On October 8, Proofpoint researchers observed Vawtrak downloading TinyLoader … which then downloaded AbaddonPOS," the researchers say.
"The practice of threat actors to increase their target surfaces by leveraging a single campaign to deliver multiple payloads is by now a well-established practice," the researchers say.
"While using this technique to deliver point of sale malware is less common, the approach of the US holiday shopping season gives cybercriminals ample reason to maximise the return on their campaigns."
PoS malware will be further challenged as the United States deploys EMV credit card technology, notably when crucial PIN features are used in place of antiquated signatures.
Advertisement- 16-11-15, 12:30 PM #2
Re: More POS malware, just in time for Christmas
It's about time the US started using PIN technology.
I quite like the contactless tech, although I have invested in a wallet that has shields in it so I have to take the card out of the wallet to use it.--------------------------------------------------------
Artificial Intelligence is no match for Natural Stupidity.
--------------------------------------------------------
- 16-11-15, 12:39 PM #3
- 16-11-15, 01:36 PM #4
Re: More POS malware, just in time for Christmas
Yes, that would work too...
Personally, I prefer not to have bits of tin foil falling from my wallet when I open it. There's enough junk, receipts etc, in there already!--------------------------------------------------------
Artificial Intelligence is no match for Natural Stupidity.
--------------------------------------------------------
- 16-11-15, 02:14 PM #5
Re: More POS malware, just in time for Christmas
Foil is awesome, with some duct tape and wd40 all of life's problems are sorted.
Sent from my Nexus 6P using Tapatalk
- 16-11-15, 02:30 PM #6
Re: More POS malware, just in time for Christmas
You forgot the string.... very useful.
Desert Island survival pack.... now there's a topic for an interesting thread.--------------------------------------------------------
Artificial Intelligence is no match for Natural Stupidity.
--------------------------------------------------------
- 21-11-15, 10:41 AM #7
Re: More POS malware, just in time for Christmas
Seems like the BBC agree with you...
Tips to boost your wi-fi connection - BBC News--------------------------------------------------------
Artificial Intelligence is no match for Natural Stupidity.
--------------------------------------------------------
- 21-11-15, 02:09 PM #8
Re: More POS malware, just in time for Christmas
TomD
Please note the views and recommendations in my posts are my own and in no way reflect the views of SkyUser.
Useful Utilites
https://www.nirsoft.net/utils/wifi_information_view.html/ TCPOptimiser /Test Socket
Note - When downloading always select the Custom install or you will end up with stuff you don't want.
- 21-11-15, 03:02 PM #9
Re: More POS malware, just in time for Christmas
Nobody told her not to use a Sky router full stop.
--------------------------------------------------------
Artificial Intelligence is no match for Natural Stupidity.
--------------------------------------------------------