BlackPOS
BlackPOS is a malware threat that infects point-of-sale (POS) systems in the US banks that involve Chase, Capital One, Citibank, Union Bank of California and Nordstrom Bank. BlackPOS is promoted on underground forums on the web under the rather generic name of 'Dump Memory Grabber by Ree', but an administration panel linked to the malware infection that uses the name 'BlackPOS' has been seen by security researchers. BlackPOS corrupts PCs running Windows that are part of POS systems and have card readers added to them. These PCs are generally found throughout automated web scans and are corrupted because they have unpatched vulnerabilities in the operating system or use weak remote administration credentials. BlackPOS is also deployed with help from insiders. When installed on a POS system, BlackPOS recognizes the running process pertaining to the credit card reader and steals payment card Track 1 and Track 2 data from its memory. This is the information stored on the magnetic strip of payment cards and can later be used form making the clones of them. BlackPOS doesn't have an offline data extraction method. The grabbed information is uploaded to a remote server via FTP.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.