PunkeyPOS copies card data and bank magnetic stripes and has breached around 200 POS terminals in the US, says report.
PandaLabs this week published details of a new variant of point of sale (POS) malware called PunkeyPOS that attacks POS terminals and steals card details of customers. The researchers investigated the malware while studying POS attack-related activities in US restaurants.
PunkeyPOS has a two-fold function – installing a keylogger that gathers credit card data as well as a RAM-scraper that reads the magnetic strips on bank cards. The information collected from infected POS is then encrypted and forwarded to a command & control (C&C) server managed by the intruders who could later use it to sell in the black market.
PandaLabs was able to access the malware's control panel and fount that it has infected some 200 POS terminals in the US.
PandaLabs says it has forwarded its findings to US authorities.
More on this story here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024