
The Cyber Security News


Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

October 25, 2022

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals.

According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the operators as much as $3.34 million by selling them on underground forums.

While a significant proportion of attacks aimed at gathering payment data rely on JavaScript sniffers (aka web skimmers) stealthily inserted on e-commerce websites, PoS malware continues to be an ongoing, if less popular, threat.


Just last month, Kaspersky detailed new tactics adopted by a Brazilian threat actor known as Prilex to steal money by means of fraudulent transactions.

“Almost all POS malware strains have a comparable card dump extraction operation, but various methods for maintaining persistence on infected units, information exfiltration and processing,” researchers Nikolay Shelekhov and Said Khamchiev said.

Treasure Hunter and its advanced successor MajikPOS are alike in that they are designed to brute-force their way into a PoS terminal, or alternatively purchase initial access from other parties known as initial access brokers, followed by extracting payment card information from the system’s memory and forwarding it to a remote server.

It's worth noting that MajikPOS first came to light in early 2017, mainly affecting businesses across the U.S. and Canada. Treasure Hunter (aka TREASUREHUNT), on the other hand, has been chronicled since 2014, with its source code suffering a leak in 2018.

Group-IB, which identified the command-and-control (C2) servers associated with the two PoS malware, said 77,428 and 90,024 unique payment records were compromised by MajikPOS and Treasure Hunter between February and September 2022.

Most of the stolen cards are said to have been issued by banks in the U.S., Puerto Rico, Peru, Panama, the U.K., Canada, France, Poland, Norway, and Costa Rica.


The identity of the criminal actors behind the scheme is unknown, and it's currently not clear if the pilfered data has already been sold for monetary gains by the group.

This can have severe consequences should the card-issuing banks not enforce adequate protection mechanisms, effectively enabling bad actors to use cloned cards to illicitly withdraw funds and make unauthorized transactions.

“PoS malware has come to be a lot less appealing for threat actors in recent years thanks to some of its constraints and the security measures applied within the card payment sector,” the researchers said.

“Yet, […] it continues to be a sizeable risk to the payment business as a whole and to independent companies that have not yet carried out the most current security practices. It is too early to write off PoS malware.”



Some parts of this article are sourced from:
thehackernews.com
