Lumension® Endpoint Intelligence Center

New point-of-sale malware PoSeidon exfiltrates card data to Russian domains

2015/03/23

Softpedia - (International) Security researchers from Cisco Systems' Talos Security Intelligence and Research Group discovered that cybercriminals are using a new point-of-sale (PoS) malware family dubbed PoSeidon that infects systems via a binary file and uses a memory scraping technique to retrieve and clone Discover, American Express, MasterCard, and Visa card information before delivering it to command and control (C&C) servers in Russia. The malware contains routines to ensure persistence regardless of restart or user log-off.

Source: http://news.softpedia.com/news/New-Point-of-Sale-Malware-PoSeidon-Exfiltrates-Card-Data-to-Russian-Domains-476498.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:49