Tuesday, March 5, 2019
Home / Malware / New FastPOS malware targeting Point-of-Sale systems

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly extract stolen credit card details.

Different from most POS malware, FastPOS concentrates on copying harvested data as quickly as possible to its command and control (C&C) servers, in comparison to collecting the data and uploading it sporadically to help stay in the shadows.

Security researchers at Trend Micro have found the malware utilizes a keylogger and a memory scraper to harvest bank information.

“FastPOS captures keystrokes and sends back the entire string to the C&C server once the return key is pressed,”  stated a report by Trend Micro.

The RAM scraper uses a custom formula that tests for valid credit card numbers. The malware primarily searches for international credit cards that don’t ask for PINs.

“FastPOS’s design sets it apart from other POS malware families,” “It appears to be designed to operate in situations where a large, enterprise-scale network may not be present: instead, it is designed for environments with a much smaller footprint.” Trend Micro adds.

Analysts mentioned FastPOS-related infections are now being spotted worldwide within the last couple of months, including the United States, France, Taiwan, Japan, Hong Kong and Brazil.

FastPOS is presently available to purchase on a few underground forums, as well as credit cards from the owners, as you can see below.

FastPOS Malware
Card details from FastPOS being sold on forums

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …