FastPOS

From HandWiki

FastPOS is a variant of POS malware discovered by Trend Micro researchers.[1] The new POS malware foregrounds on how speed the credit card data is stolen and sent back to the hackers.[2] [3]

History

Researchers at Trend Micro have named the new malware variant as TSPY_FASTPOS.SMZTDA.[4] The malware is used by hackers to target small and mid-sized businesses (SMBs) in many countries like France , Taiwan, Japan , Brazil , Hong Kong and United States . [5]

Operation

Unlike other POS malware, FastPOS does not store the information locally to send it to the cyber thieves periodically. [6] The variant POS malware executes the attack on the target through infected websites or through Virtual Network Computing (VNC) or via file sharing service. The stolen data is instantly transferred to the Control and Command Server that is hardcoded by the hacker. The POS malware consists of two components– a keylogger and a RAM scraper. [7] The logged keystrokes are stored in memory and transmitted to the attacker when the Enter key is pressed and are not stored in a file of the infected system.[8] The stolen data can be user credentials, payment information which depends on the business procedures.[9] The RAM scraper is devised to steal only credit card data. [10] The memory scraper is designed to verify the service code of the credit card to help remove out cards that demands PINS.[11]

See also

References

  1. "Trend Micro discovers FastPOS". https://www.us-cert.gov/ncas/alerts/TA14-212A. 
  2. "Quick and Easy Credit Card Theft with FastPOS". http://blog.trendmicro.com/trendlabs-security-intelligence/fastpos-quick-and-easy-credit-card-theft/. 
  3. "FastPOS Malware Breaches and Delivers Credit Card Data Instantly". https://securebox.comodo.com/blog/pos-malware/new-fastpos-malware-breaches-pos-system-instantly-delivers-theft-data/. 
  4. "FastPOS malware instantly delivers stolen credit card data". 3 June 2016. http://www.scmagazine.com/fastpos-malware-instantly-delivers-stolen-credit-card-data/article/500866/. 
  5. "FastPos uses Speed Exfiltration Technique". http://securityaffairs.co/wordpress/48012/malware/fastpos-pos-malware.html. 
  6. "FastPOS Chooses Swift, Tosses Subtle". https://securityintelligence.com/news/need-for-speed-fastpos-chooses-swift-tosses-subtle/. 
  7. "New FastPOS malware family has scatter-gun approach to data theft". https://ibsintelligence.com/ibs-journal/ibs-news/new-fastpos-malware-family-has-scatter-gun-approach-to-data-theft/. 
  8. "FastPOS Malware works on Data Exfiltration Speed". 5 June 2016. http://news.softpedia.com/news/new-fastpos-malware-focuses-on-data-exfiltration-speed-504889.shtml. 
  9. "Monthly Cyber Threat Briefing". https://hitrustalliance.net/documents/monthly_threat/2016/HITRUST-HHS-MTB-June-2016.pdf. 
  10. Zetter, Kim. "How Ram Scrapers Work: The Sneaky Tools Behind the Latest Credit Card Hacks". Wired. https://www.wired.com/2014/09/ram-scrapers-how-they-work/. Retrieved 2019-08-30. 
  11. "FastPOS'speedy delivery of stolen credit card data". 6 June 2016. https://www.bluefin.com/industry-news/fastpos-malware-instantly-delivers-stolen-credit-card-data/. 



Retrieved from "https://handwiki.org/wiki/index.php?title=FastPOS&oldid=3380800"