PunkeyPOS Malware

PunkeyPOS is a new type of Point of Sale Malware which was recently discovered by PandaLabs.[1][2] This new Point of Sale Malware infects the Point of Sale(POS) Systems with two types of malware applications - keylogger and RAM Scraper.[3] PunkeyPOS gets installed into the computer automatically without the knowledge of the user, in a similar manner as other POS malware.

Process of Punkey Malware

The keylogger captures and records the keystrokes made at the POS terminals in the retail stores. It captures data only related to credit cards. The RAM Scraper reads the memory of the system processes in the POS terminals.[4][5] The information in the magnetic strips on the cards gets stored in the POS terminal/ device memory and this stolen information is then encrypted and forwarded to the cybercriminal's Control and Command Server (C&C).[6]

Data Breach Report

It has been reported by PandaLabs that about 200 retail stores that use POS systems have been infected with this new variant of PunkeyPOS malware.[7] [8]

gollark: Well, yes, they're not amazing magic things which can immediately do anything if you plug them in, but they... can do bad things.
gollark: That is true, although my laptop doesn't support Thunderbolt so all I have to worry about is... electronic hardware attacks and rubberducky-type things?
gollark: > Like usb 3.1 supports direct memory access<@689232518125191253> Does it? I thought that was limited to Thunderbolt, which most devices do not actually support. There are meant to be mechanisms for limiting the access of Thunderbolt devices but they seem to be broken all the time and terrible anywya.
gollark: Sure you can, just X-ray-scan them before use.
gollark: I'm considering making potatOS use advanced rot13 encryption for logs and such.

See also

References


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.