Multigrain Malware

A new sophisticated point-of-sale or memory-scraping malware called "Multigrain" was discovered on April 17, 2016 by the FireEye Inc. security company. Multigrain belongs to the NewposThings malware family. It is similar to the NewposThings, FrameworkPOS and BernhardPOS malware, which were already known as notorious malware.


Process of Multigrain malware

Multigrain uses the Luhn algorithm to validate the credit and debit card details. This POS malware then infects the computer and blocks Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP) traffic, which monitors the data exfiltration. It exfiltrates the scraped credit and debit card information via the Domain Name System (DNS). Then it sends the collected payment card information to a command and control server.
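
One way a defender might look for the DNS exfiltration described above, as an added example that is not from the original article or from FireEye's analysis: flag clients that send many distinct long, high-entropy labels under one parent domain. The log format, thresholds, IP addresses and domain names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS query log lines: "<client_ip> <qname>".
# The hosts, domains and random-looking labels are made up for illustration.
SAMPLE_LOG = """\
10.0.5.21 www.example.com
10.0.5.21 updates.vendor.example
10.0.5.40 mfxgg3dfmztwq2lknnwg23tpobyxe43u.log.badzone.example
10.0.5.40 ovvxs6lzmfrggzdfmztwq2lknnwg23tp.log.badzone.example
10.0.5.40 obyxe43uov3ho6dzpjqwey3emvtgo2dj.log.badzone.example
10.0.5.40 nnwg23tpobyxe43uov3ho6dzpfxgg3df.log.badzone.example
10.0.5.22 mail.example.com
"""

def entropy(s):
    """Shannon entropy of a non-empty string in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def suspicious_label(label, min_len=24, min_entropy=3.5):
    """Long, high-entropy labels are typical of encoded payloads (assumed thresholds)."""
    return len(label) >= min_len and entropy(label) >= min_entropy

def find_dns_exfil(log_text, min_queries=3):
    """Return {(client, parent_domain): count} for clients sending many
    distinct suspicious labels under one parent domain."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # skip malformed lines
        client, qname = parts
        labels = qname.rstrip(".").lower().split(".")
        # Simplification: treat the last two labels as the parent domain.
        parent = ".".join(labels[-2:])
        for label in labels[:-2]:
            if suspicious_label(label):
                seen[(client, parent)].add(label)
    return {k: len(v) for k, v in seen.items() if len(v) >= min_queries}

if __name__ == "__main__":
    for (client, parent), n in find_dns_exfil(SAMPLE_LOG).items():
        print(f"{client} -> {parent}: {n} encoded-looking queries")
```

In production the parent domain should be derived with a public-suffix list, and the thresholds tuned against the site's normal DNS traffic, since CDN and telemetry hostnames can also look random.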


Targets one POS platform

Multigrain specifically targets Windows point of sale systems that have a multi.exe executable file. If Multigrain gets into a POS system that does not have multi.exe, it deletes itself without leaving any trace.


See also

* Point-of-sale malware
* Cyber electronic warfare
* List of cyber attack threat trends
* Malware
* Cyber security standards

