TreasureHunt: a custom POS malware tool

From Botnets.fr


Botnet: TreasureHunt
Botnet/malware group: Point-of-sale
Date: 2016 / 2016-03-28
Editor/Conference: FireEye
Link: https://www.fireeye.com/blog/threat-research/2016/03/treasurehunt_a_cust.html (Archive copy)
Author: Nart Villeneuve
Type: Blogpost

Abstract

In this article we examine TREASUREHUNT, POS malware that appears to have been custom-built for the operations of a particular “dump shop,” which sells stolen credit card data. TREASUREHUNT enumerates running processes, extracts payment card information from memory, and then transmits this information to a command and control server.

Bibtex

 @misc{2016BFR4917,
   editor = {FireEye},
   author = {Nart Villeneuve},
   title = {TreasureHunt: a custom POS malware tool},
   date = {28},
   month = Mar,
   year = {2016},
   howpublished = {\url{https://www.fireeye.com/blog/threat-research/2016/03/treasurehunt_a_cust.html}},
 }