New BlackPOS variant masquerades as AV service

  • 2 September 2014

Author: Zeljka Zorz, HNS Managing Editor / Posted on 02.09.2014
 
Before the Backoff point-of-sale malware received deserved attention, the main player in the PoS malware field was BlackPOS (or Kaptoxa), the memory-scraping malware that was used in the Target breach.

Other malware based on BlackPOS has also been analyzed. As time goes by, new versions of the malware are discovered - not wholly unexpected as the original's source code was leaked online in 2012.

Trend Micro researchers have news about the latest version, which they dubbed Memlog. Unlike previous versions, which registered themselves as a system service used by the target company, Memlog disguises itself as an installed service of known AV vendor software in order to avoid detection.

 
 
Help Net Security / full article here: http://www.net-security.org/malware_news.php?id=2856
