RawPOS
Associated Software Descriptions |
|
| Name | Description |
|---|---|
| FIENDCRY | The FIENDCRY component is a memory scraper based on MemPDump that scans through process memory looking for regular expressions. Its stage 1 component scans all processes, and its stage 2 component targets a specific process of interest. (Citation: Mandiant FIN5 GrrCON Oct 2016) (Citation: Github Mempdump) (Citation: DarkReading FireEye FIN5 Oct 2015) |
Groups That Use This Software |
||
| ID | Name | References |
|---|---|---|
| G0053 | FIN5 |
(Citation: DarkReading FireEye FIN5 Oct 2015) (Citation: Mandiant FIN5 GrrCON Oct 2016) |
References
- Higgins, K. (2015, October 13). Prolific Cybercrime Gang Favors Legit Login Credentials. Retrieved October 4, 2017.
- DiabloHorn. (2015, March 22). mempdump. Retrieved October 6, 2017.
- Nesbit, B. and Ackerman, D. (2017, January). Malware Analysis Report - RawPOS Malware: Deconstructing an Intruder’s Toolkit. Retrieved October 4, 2017.
- Bromiley, M. and Lewis, P. (2016, October 7). Attacking the Hospitality and Gaming Industries: Tracking an Attacker Around the World in 7 Years. Retrieved October 6, 2017.
- TrendLabs Security Intelligence Blog. (2015, April). RawPOS Technical Brief. Retrieved October 4, 2017.
- Visa. (2015, March). Visa Security Alert: "RawPOS" Malware Targeting Lodging Merchants. Retrieved October 6, 2017.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.