New PoS Malware, PoSeidon, Discovered in the Wild

A new Point-Of-Sale malware has been discovered by security researchers.

The malware family, dubbed PoSeidon, is said to be nastier and more sophisticated than the PoS malwares before it.  It has the capabilities of both the Zeus banking trojan and BlackPoS malware which hit Target and Home Depot respectively.

PoSeidon  scrapes memory from PoS systems, searching for card number sequences of large card companies like Visa and Mastercard.  Then it uses a the Luhn algorithm to verify that the numbers are valid.  The information is then sent to .ru (Russian) domains.

The malware uses a loader binary in an attempt to hang on to its targeted system after a reboot.  It then makes contact with one of the .ru domains, which contains the FindStr binary which installs a keylogger on the PoS device.

For  information on how you can prevent your organization from being breached, visit www.miltonsecurity.com or call 714-515-4011.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *