HOME

TheInfoList



Click Here for Items Related To - PunkeyPOS Malware
OR:
PunkeyPOS Malware on:   [Wikipedia]   [Google]   [Amazon]

PunkeyPOS is a new type of Point of Sale Malware which was discovered by PandaLabs in 2016. This new Point of Sale Malware infects the
Point of Sale The point of sale (POS) or point of purchase (POP) is the time and place at which a retail transaction is completed. At the point of sale, the merchant calculates the amount owed by the customer, indicates that amount, may prepare an invoice f ...
(POS) Systems with two types of malware applications - keylogger and RAM Scraper. PunkeyPOS gets installed into the computer automatically without the knowledge of the user, in a similar manner as other POS malware.


Process of Punkey malware

The
keylogger Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored ...
captures and records the keystrokes made at the POS terminals in the
retail stores The retail format (also known as the retail formula) influences the consumer's store choice and addresses the consumer's expectations. At its most basic level, a retail format is a simple marketplace, that is; a location where goods and services are ...
. It captures data only related to
credit card A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's accrued debt (i.e., promise to the card issuer to pay them for the amounts plus the o ...
s. The RAM Scraper reads the memory of the system processes in the POS terminals. The information in the magnetic strips on the cards gets stored in the POS terminal/ device memory and this stolen information is then encrypted and forwarded to the cybercriminal's
Control and Command Server A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its con ...
(C&C).


Data breach report

It has been reported by PandaLabs that about 200 retail stores that use POS systems have been infected with this new variant of PunkeyPOS malware.


See also

*
Point-of-sale malware Point-of-sale malware (POS malware) is usually a type of malicious software (malware) that is used by cybercriminals to target point of sale (POS) and payment terminals with the intent to obtain credit card and debit card information, a card's tr ...
*
Cyber security standards IT security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all ...
*
List of cyber attack threat trends A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricted ...


References

Theft Windows trojans Cyberwarfare Carding (fraud) {{Comp-eng-stub