TreasureHunt POS Malware Discovered by FireEye
Posted by: Timothy Weaver on 03/30/2016 08:22 AM
[
Comments
]
Researchers are FireEye have discovered a Point of Sale (POS) malware called TreasureHunt that appears to have been custom-built for a “dump shop” that sells stolen credit card data.
According to their blog post, FireEye says the malware enumerates running processes, extracts payment card information from memory, and then transmits this information to a command and control (CNC) server.
Criminals are using the memory scrapping software in an effort before more secure chip and PIN technologies render the data scrapping techniques obsolete.
It is estimated that 1.2 million merchants are now accepting the 600 million chip cards now used in the United States.
The researchers said cybercriminals often gain access to the POS systems to implant the malware using previously stolen credentials or brute force login attempts with common passwords.
Source: SCMagazine
According to their blog post, FireEye says the malware enumerates running processes, extracts payment card information from memory, and then transmits this information to a command and control (CNC) server.Criminals are using the memory scrapping software in an effort before more secure chip and PIN technologies render the data scrapping techniques obsolete.
It is estimated that 1.2 million merchants are now accepting the 600 million chip cards now used in the United States.
The researchers said cybercriminals often gain access to the POS systems to implant the malware using previously stolen credentials or brute force login attempts with common passwords.
Source: SCMagazine
Comments
