NitlovePOS: another new POS malware
Jump to navigation
Jump to search
(Publication) Google search: [1]
NitlovePOS: another new POS malware | |
---|---|
Botnet | NitlovePOS |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | Spam |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2015 / 2015-05-23 |
Editor/Conference | FireEye |
Link | https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos another.html (Archive copy) |
Author | Nart Villeneuve, Daniel Regalado |
Type | Blogpost |
Abstract
“ The NitlovePOS malware can capture and ex-filtrate track one and track two payment card data by scanning the running processes of a compromised machine. It then sends this data to a webserver using SSL.
We believe the cybercriminals assess the hosts compromised via indiscriminate spam campaigns and instruct specific victims to download the POS malware.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR1567, editor = {FireEye}, author = {Nart Villeneuve, Daniel Regalado}, title = {NitlovePOS: another new POS malware}, date = {23}, month = May, year = {2015}, howpublished = {\url{https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html}}, }