Malware, Network Security

Cherry Picker POS malware spotted in wild: Trustwave

Researchers at Trustwave spotted the point-of-sale (POS) malware dubbed “Cherry Picker” that they say is unique because it uses configuration files, encryption, obfuscation and command line arguments to avoid detection.

Researchers identified the malware being used to target the food industry and said it can target virtually any POS software to steal credit card information as well as privileged credentials to remotely access a customer's network, according to a Trustwave blog that will post on Nov. 13.

The malware uses a new memory scraping algorithm, a file infector for persistence and cleaner malware that removes all traces of the infection from target systems making the malware harder to detect, Trustwave Security Researcher Eric Merritt told SCMagazine.com.

Merritt said a less sophisticated version of the malware was first spotted by Trustwave in 2010.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds