NitlovePOS: another new POS malware
Jump to navigation
Jump to search
(Publication) Google search: [1]
| NitlovePOS: another new POS malware | |
|---|---|
| Botnet | NitlovePOS |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | Spam |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2015 / 2015-05-23 |
| Editor/Conference | FireEye |
| Link | https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos another.html (Archive copy) |
| Author | Nart Villeneuve, Daniel Regalado |
| Type | Blogpost |
Abstract
“ The NitlovePOS malware can capture and ex-filtrate track one and track two payment card data by scanning the running processes of a compromised machine. It then sends this data to a webserver using SSL.
We believe the cybercriminals assess the hosts compromised via indiscriminate spam campaigns and instruct specific victims to download the POS malware.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR1567,
editor = {FireEye},
author = {Nart Villeneuve, Daniel Regalado},
title = {NitlovePOS: another new POS malware},
date = {23},
month = May,
year = {2015},
howpublished = {\url{https://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html}},
}