The Latest in IT Security

New Variant of TinyPOS Discovered

06
Apr
2016
New Variant of TinyPOS Discovered

malware_keyboard_converted

While we wait to discover what and how the Trump Hotel Collection was breached, a new version of the TinyPOS point-of-sale (PoS) malware has been discovered by Foregenix.

This malware functions as a typical memory scraper. It gathers input card data before the system can encrypt it, but is written in “‘hand rolled’ assembly language and comes in at only 5120 bytes.”

“The malware contains an old school exclusion list that performs extremely rapid double word comparisons rather than the slower but far more common string comparisons to identify which process to ignore, and internally validates the identified account data through an implementation of the Luhn algorithm,” states the alert. The Luhn algorithm uses the last four digits of a card number against the preceding numbers – it simply checks the number is a valid card number.

Read More

Leave a reply


Categories

THURSDAY, DECEMBER 14, 2017

Featured

Archives

Latest Comments

Social Networks