Malware, Network Security

TreasureHunt POS malware looks to steal your data before it’s too late

Share

FireEye researchers spotted a point-of-sale (POS) malware dubbed TreasureHunt that appears to have been custom-built for a “dump shop” that sells stolen credit card data.

The malware enumerates running processes, extracts payment card information from memory, and then transmits this information to a command and control (CNC) server, according a Mar. 28 blog post.

Cyber crooks are looking to take advantage of memory scrapping POS malware like TreasureHunt before more secure chip and PIN technologies render the data scrapping techniques obsolete, researchers said in the blog. There are currently about 1.2 million merchants that accept the 600 million chip cards now used in the United States.

The researchers said cybercriminals often gain access to the POS systems to implant the malware using previously stolen credentials or brute force login attempts with common passwords.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.