Maybe a bit "geeky" but interesting read. It's a PDF document. http://www.trendmicro.com/cloud-con...e/white-papers/wp-pos-ram-scraper-malware.pdf
Yes, they really went at it, a bit too much info for me, however still a bit interesting. I quickly "scanned" the paper for the most interesting info.