Information Security News mailing list archives

Hide it well or market it well: Two reports show how point-of-sale malware has users in mind


From: InfoSec News <alerts () infosecnews org>
Date: Mon, 18 Mar 2019 07:42:51 +0000 (UTC)

https://www.cyberscoop.com/dmsniff-glitchpos-malware-cybercrime-flashpoint-talos/

By Jeff Stone
CYBERSCOOP
March 14, 2019

Sometimes the little things can help cybercriminals separate their wares from the pack. It could be an uncommon feature in the malware itself, or it could just be a new way to market a familiar strategy.

In unrelated reports Wednesday, cybersecurity companies detailed DMSniff, which takes a new approach to remaining stealthy as it steals point-of-sale (POS) information from consumers, as well as GlitchPOS, which steals credit-card information in a familiar way but comes with an instructional video from its creators.

Threat intelligence company Flashpoint reports that DMSniff has quietly been in active use since 2016 thanks in part to a domain generation algorithm, which allows hackers to continue siphoning data from a web page even after police or researchers have taken hackers’ domain pages offline.

Flashpoint notes that the use of such an algorithm is "rarely seen" in the smash-and-grab world of POS malware, where thieves typically distribute malware to as many sites as possible and hope for an infection.

[...]
