• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   POS malware

MajikPOS Combines PoS Malware and RATs to Pull Off its Malicious Tricks
  • Posted on:March 15, 2017 at 5:00 am
  • Posted in:Deep Web, Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

We’ve uncovered a new breed of point-of-sale (PoS) malware currently affecting businesses across North America and Canada: MajikPOS (detected by Trend Micro as TSPY_MAJIKPOS.A). Like a lot of other PoS malware, MajikPOS is designed to steal information, but its modular approach in execution makes it distinct. We estimate that MajikPOS’s initial infection started around January 28, 2017.

While other PoS malware FastPOS (its updated version), Gorynych and ModPOS also feature multiple components with entirely different functions like keylogging, MajikPOS’s modular tack is different. MajikPOS needs only another component from the server to conduct its RAM scraping routine.

Read More
Tags: cardingcredit card theftMajikPOSPOS malware

FastPOS Updates in Time for the Retail Sale Season
  • Posted on:October 5, 2016 at 8:47 am
  • Posted in:Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

Most point-of-sale (PoS) threats follow a common process: dump, scrape, store, exfiltrate. FastPOS (initially detected by Trend Micro as TSPY_FASTPOS.SMZTDA) was different with the way it removed a middleman and went straight from stealing credit card data to directly exfiltrating them to its command and control (C&C) servers.

FastPOS was true to its moniker—pilfer data as fast as possible, as much as it can, even at the expense of stealth. The malware is a reflection of how PoS threats, though no longer novel, are increasingly used against businesses and their customers. As such, FastPOS’s update does not come as a surprise—in time for the oncoming retail season to boot.

Read More
Tags: credit card theftFastPOSpoint-of-salePOS malware

Backdoor as a Software Suite: How TinyLoader Distributes and Upgrades PoS Threats
  • Posted on:May 10, 2016 at 3:07 pm
  • Posted in:Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

A multicomponent backdoor and point-of-sale (PoS) malware tandem can lead to stealthier and more flexible attacks. And these can pose greater threats to enterprises and small and medium-sized businesses (SMBs). Add another PoS malware to the mix, and you’ve got even bigger trouble.

Read More
Tags: AbaddonPOScybercrimePOS malwarePoS threatsTinyLoaderTinyPOS

FighterPOS PoS Malware Gets Worm Routine
  • Posted on:February 25, 2016 at 8:00 am
  • Posted in:Bad Sites, Botnets, Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

Last April 2015, we talked about FighterPOS, a point-of-sale (PoS) malware that was used in a one-man cybercriminal operation to steal over 22,000 unique credit card numbers and affected more than 100 PoS terminals in Brazil and other countries. We recently came across new and seemingly improved versions of this malware. Among other things, FighterPOS now has propagation capabilities; meaning, it could spread from one PoS malware terminal to another that is connected to the same network and thereby increasing the number of potential victims in one organization.

Read More
Tags: FighterPOSPOS malwareworm

Angler Exploit Kit Used to Find and Infect PoS Systems
  • Posted on:July 27, 2015 at 4:03 pm
  • Posted in:Malware, Vulnerabilities
  • Author:
    Anthony Joe Melgarejo (Threat Response Engineer)
0

An attack aiming to infect PoS systems was found using the Angler Exploit Kit to push a PoS reconnaissance Trojan,This Trojan, detected as TROJ_RECOLOAD.A, checks for multiple conditions in the infected system like if it is a PoS machine or part of a PoS network. It then proceeds to download specific malware depending on the…

Read More
Tags: Angler Exploit Kitexploit kitsPOS malwarePoS threatsvulnerability
Page 1 of 512 › »

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools
  • Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns
  • AESDDoS Botnet Malware Infiltrates Containers via Exposed Docker APIs
  • SLUB Gets Rid of GitHub, Intensifies Slack Use
  • Powload Loads Up on Evasion Techniques

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.