A forum for reverse engineering, OS internals and malware analysis 

Search found 4 matches


Re: Point-of-Sale malwares / RAM scrapers

 by jgrunz ¦  Tue Sep 09, 2014 4:47 pm ¦  Forum: Malware ¦  Topic: Point-of-Sale malwares / RAM scrapers ¦  Replies: 244 ¦  Views: 865201

The sample referenced by TrendMicro isn't BlackPOS. I wasn't going to call them out on it publicly, but then Krebs started grasping at straws and now everyone thinks it's BlackPOS v2. http://blog.nuix.com/2014/09/08/blackpos-v2-new-variant-or-different-family/ Also, @creek You're correct about it Be...

Re: Point-of-Sale malwares / RAM scrapers

 by jgrunz ¦  Thu Jul 31, 2014 5:20 pm ¦  Forum: Malware ¦  Topic: Point-of-Sale malwares / RAM scrapers ¦  Replies: 244 ¦  Views: 865201

Some further info about some of the technical components:

http://blog.spiderlabs.com/2014/07/back ... lysis.html

Overall, it's nothing too revolutionary, but it's an interesting family nonetheless. The explorer.exe injection/persistence mechanism is pretty interesting for sure.

Re: Malware in mexican ATM

 by jgrunz ¦  Tue Dec 31, 2013 2:37 pm ¦  Forum: Malware ¦  Topic: Malware in mexican ATM ¦  Replies: 19 ¦  Views: 44213

That article is in reference (I believe) to a talk that was given at 30c3 recently where they discussed some Brazilian ATM malware that was discovered. The talk has been posted to YouTube, and you can check it out here: https://www.youtube.com/watch?v=0c08EYv4N5A Haven't had any luck tracking down a...

Re: Point-of-Sale malwares / RAM scrapers

 by jgrunz ¦  Wed Sep 25, 2013 2:14 pm ¦  Forum: Malware ¦  Topic: Point-of-Sale malwares / RAM scrapers ¦  Replies: 244 ¦  Views: 865201