TrickBot continues to evolve as it adds more features to steal users’ credentials, the most recent development we published being the pwgrab32 module. Because of TrickBot’s modular capability, we found a newly added POS malware feature that makes this banking trojan more dangerous. The new module scans for indicators if an infected computer is connected to a network that supports POS services and machines.Read More
This is the second part of our two-part blog series on Operation Black Atlas. The first blog entry is entitled, Operation Black Atlas Endangers In-Store Card Payments and SMBs Worldwide; Switches between BlackPOS and Other Tools. Operation Black Atlas has already spread to a multi-state healthcare provider, dental clinics, a machine manufacturer, a technology company…Read More
With the coming holidays also come news of various credit card breaches that endanger the data of many industries and their customers. High-profile breaches, such as that of the Hilton Hotel and other similar establishments, were accomplished using point-of-sale (PoS) malware, leading many to fear digital threats on brick-and-mortar retailers this Thanksgiving, Black Friday, Cyber Monday, and the rest of the holiday season. Researchers also found a broad campaign that uses the modular ModPOS malware to steal payment card data from retailers in the US.
However, from what we have seen, it is not only retailers in the US that are at risk of breaches. Our researchers recently found an early version of a potentially powerful, adaptable, and invisible botnet that seeks out PoS systems within networks. It has already extended its reach to small and medium sized business networks all over the world, including a healthcare organization in the US. We are calling this operation Black Atlas, in reference to BlackPOS, the malware primarily used in this operation.Read More
Cybercrime doesn’t wait for anything or anyone. Two years after publishing our last report on the wares and services traded in the bustling Chinese underground, we found that the market’s operations have further expanded. From traditional malware, Chinese cybercriminals are now looking toward newer innovations and technologies to boost their operations. The Chinese underground now…Read More
October 1st ushers in a significant shift for merchants, banks, and consumers. It is deadline day for merchants in the United States to switch to EMV technology. EMV stands for Europay, MasterCard, and Visa, the three companies that created the EMV consortium in 1994 to develop new technologies to counteract payment card fraud. With this…Read More