Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Fresh POS Malicious Program Utilizes Mailslots for Ferrying Filched Data

Security researchers belonging to Morphick the security company situated in Cincinnati recently found one fresh POS (point-of-sale) malicious program known as LogPOS which utilizes the mailslots of Microsoft Windows for sending filched credit card data onto attackers' command-and-control (C&C) server, published scmagazine.com dated March 9, 2015.

According to Security Investigator Nick Hoffman of Morphick, it isn't unknown of malware using the mailslots technique since earlier APT assaults have been known exploiting the mechanism; however, a POS malicious program utilizing it is a first attempt. Scmagazine.com published this.

Microsoft describes mailslot as one technicality to have a single way IPC (Inter-Process Communication) through which computer software can save missives that owners of mailslot may retrieve. Within the current instance, the LogPOS creators have exploited the technicality for storing followed with garnering credit card information, Hoffman explains.

He further says that since LogPOS inserts script inside different processes while get each process to hunt memory which is their own, the malware cannot utilize a log as the processes cannot together open identical files simultaneously using write access. Therefore, LogPOS utilizes mailslots instead.

Presuming that LogPOS is able to construct a mailslot, it checks processes vis-à-vis certain whitelist, inserts script for interrupting the processes, scrutinizes to locate credit card data, confirms that same data, transmits it onto mailslot as also ahead onto a remote website.

Hoffman and co-worker Jeremy Humble noticed that the destination to which the malware transmits stolen data doesn't have password protection even, thus indicating the malware creator is likely yet testing their script. Threatpost.com published this, March 3, 2015.

During 2014 same time, Web-surfers were by then amidst gigantic data breaches, while they were still under the impact of the huge Target breach of 2013 as newer hacks into the 'Neiman Marcus' and 'Michaels' stores hit the news.

Since then well-known malicious programs such as Backoff with large exfiltration as well as data stealing abilities have become cyber-attackers' favorite when targeting point-of-sale devices. Against this scenario, probably retail breach revelations in 2015 is comparatively quiet although POS malware developers have still not halted from silently fine tuning their wares.

» SPAMfighter News - 3/17/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page