Pro PoS

By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 185
First Seen: December 2, 2015
Last Seen: April 24, 2023
OS(es) Affected: Windows

Pro PoS is a point of sale threat that can be used to collect consumers' credit card numbers and other data. These types of threats work by infecting the computers involved in recording credit card transactions at retailers. In this way, con artists can collect hundreds or thousands of credit card numbers by infecting a single computer. A new strain of these kinds of point of sale infections named Pro PoS is being sold on underground forums. The arrival of Pro PoS coincides with the Christmas shopping season and Black Friday, increasing the likelihood that this attack will claim victims. PC security researchers strongly recommend that retailers protect their point of sale equipment with strong, fully updated anti-malware software capable of intercepting infections like Pro PoS, for the safety of their customers.

The Havoc Caused by Pro PoS and Other Point of Sale Infections

Pro PoS is currently available for sale on underground forums frequented by con artists and hackers. PC security researchers suspect that Pro PoS was created by hackers located in Eastern Europe. The main purpose of Pro PoS is to infect the operating systems of computers that are used in retail. Pro PoS can infect newer operating systems and is capable of bypassing various types of security protections. It is likely that Pro PoS is already being used by third parties around the world. PC security researchers suspect that Pro PoS has also been used to collect credit card data from consumers in the United States and Canada.

A Brief Analysis of Pro PoS Infections

Pro PoS is remarkably tiny: it is only 76 KB in size. Pro PoS has rootkit capabilities that, along with other features, may allow it to avoid various types of anti-malware detection mechanisms. One feature of Pro PoS that is particularly difficult to combat is its polymorphic engine. This mechanism allows Pro PoS to generate a different signature for each version of itself, making it remarkably difficult for malware analysts to create protective measures that will catch all versions of Pro PoS. Pro PoS supports Tor, which allows Pro PoS to communicate with its Command and Control servers completely anonymously.

Following the Sale of Pro PoS on Underground Websites

In late November, the price of Pro PoS increased significantly; it is currently $2600 USD for a six-month license. This may seem like a large amount, but when one considers the possible damage that this threat can cause, it is understandable that con artists are willing to pay such high amounts. In recent weeks, an increase in point of sale threats has been detected in the wild, including ModPos and Cherry Picker. It is likely that the increase in point of sale threats like Pro PoS is related to the rush of retail sales that precedes and follows Thanksgiving in the United States. Unfortunately, Pro PoS is probably one of the most complex point of sale infections currently active. In recent times, threats like Pro PoS have been used to target various hotel chains in particular, which is probably also related to the increase in holiday travel.

Protecting Your PC from Pro PoS

If you are a retailer, you should ensure that your computer is completely protected from intrusions like Pro PoS. To protect your customers' data, malware researchers recommend the use of a strong security program that is fully up-to-date, along with regularly scheduled scans with different security tools. You should also educate your employees to ensure they understand how these kinds of threats may be installed.
