Most POS (Point of Sale) malware works by infecting a system and staying hidden, collecting data in a file and uploading it to its server at regular intervals. However, FastPOS uses a unique approach to data exfiltration, by sending any stolen data to the control and command (C&C) server as soon as possible.
When the user presses Enter, the data is sent to the C&C server, along with the name of the window from where it was collected. This keylogger module can be used for all sorts of malicious activities, not just stealing credit card details.
Researchers from Trend Micro also found an ad selling the malware on a forum hosting all sorts of stolen credit card details.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now