TinyPOS: Handcrafted Malware in Assembly Code

guest · May 3, 2019

TinyPOS: Handcrafted Malware in Assembly Code
May 2, 2019
https://www.infosecurity-magazine.com/news/tinypos-handcrafted-malware-in-1/

Legacy software vulnerabilities have created opportunities for hackers to steal credit card data and other personal information using tiny point of sale (POS) malware, according to research published by Forcepoint.

Researchers reportedly analyzed 2,000 samples of POS malware and found that many are handcrafted, written in assembly code and very small; thus, researchers aptly named the malware TinyPOS.

“The most probable initial vector would be a remote hack into the POS system to deliver the Loaders. Other options could include physical access (unlikely) or a rogue auto-update to deliver a compromised file to the POS operating system.”

“This latest credit card–stealing malware is extremely stealth and hard to detect, making some retailers even more vulnerable. Storing data securely is another basic security tenant. If merchants store credit card information offline and don’t encrypt it, it is sure to be stolen and abused,” Wilk said.
Click to expand...

Forepoint: Should non-EMV transactions be phased out completely? An analysis of TinyPOS
TinyPOS: An analysis of a Point-Of-Sale malware ecosystem (PDF - 456 KB): https://www.forcepoint.com/sites/default/files/resources/files/report-tinypos-analysis-en.pdf

Log in or Sign up

TinyPOS: Handcrafted Malware in Assembly Code

guest Guest

Log in or Sign up

TinyPOS: Handcrafted Malware in Assembly Code

guest Guest

Useful Searches