Connect with us

Hi, what are you looking for?

HEADLINES

New attack tool helps cyber criminals breach any PoS system

Trend Micro researchers have discovered MalumPoS, a new PoS attack tool that threat actors can reconfigure to breach any PoS system they wish to target. Currently, it is designed to collect data from PoS systems running on Oracle MICROS – a platform popularly used in the hospitality, food and beverage, and retail industries and is claimed by Oracle to be used in 330,000 customer sites worldwide.

As highlighted in Trend Micro’s recent Q1 report “Bad Ads and Zero-Days: Reemerging Threats Challenge Trust in Supply Chains and Best Practices”, PoS malware and tools have become one of the biggest issues and concerns in the security industry with PoS RAM scrapers continuing to increase in number.

Trend Micro Malum POS
Compared to other PoS RAM scrapers seen in the past, this particular MalumPoS threat shows a few interesting characteristics and noteworthy details.

Aside from Oracle MICROS, MalumPoS also targets Oracle Forms, Shift4 systems, and those accessed via Internet Explorer. Based on the user base of these listed platforms, a majority were from the US.

Once installed in a system, MalumPoS disguises itself as “the “NVIDIA Display Driver” or   stylized to be displayed as “NVIDIA Display Driv3r”. Although typical NVIDIA components play no important parts in PoS systems, their familiarity to regular users may make the malware seem harmless.

Advertisement. Scroll to continue reading.

It selectively looks for any data on the following cards: Visa, MasterCard, American Express, Discover, and Diner’s Club.

MalumPoS is highly configurable so a threat actor can still change or add to this current list of targeted systems and credit card targets.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Local IT and cybersecurity professionals came together for a full day of networking, talks, panel discussions, and hands-on activities that highlighted how fusing technologies...

HEADLINES

Enhanced with new management and operational tools designed specifically for Managed Service Providers (MSPs), the platform simplifies risk management for enterprises while also allowing MSPs...

HEADLINES

For this year’s conference, Trend Micro will highlight the pressing need to fuse together and integrate different technologies to produce holistic and multi-faceted solutions...

HEADLINES

Trend Micro research shows that cybercriminals are catching on to the explosion of enterprise AI use, resulting in a dramatic increase in AI-based tools available...

White Papers

The report warns that attackers are using more advanced methods to target fewer victims with the potential for higher financial gains.

HEADLINES

Robert McArdle, a leader in Trend Micro’s cybercrime research team and collaborator with the Federal Bureau of Investigation (FBI) and National Crime Agency (NCA),...

Biz Solutions

Trend Micro offers a suite of security solutions made for specific threats. 

HEADLINES

The widespread availability and improved quality of GenAI, coupled with the use of Generative Adversarial Networks (GANs), are expected to disrupt the phishing market...

Advertisement