Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly extract stolen credit card details.
Different from most POS malware, FastPOS concentrates on copying harvested data as quickly as possible to its command and control (C&C) servers, in comparison to collecting the data and uploading it sporadically to help stay in the shadows.
Security researchers at Trend Micro have found the malware utilizes a keylogger and a memory scraper to harvest bank information.
“FastPOS captures keystrokes and sends back the entire string to the C&C server once the return key is pressed,” stated a report by Trend Micro.
The RAM scraper uses a custom formula that tests for valid credit card numbers. The malware primarily searches for international credit cards that don’t ask for PINs.
“FastPOS’s design sets it apart from other POS malware families,” “It appears to be designed to operate in situations where a large, enterprise-scale network may not be present: instead, it is designed for environments with a much smaller footprint.” Trend Micro adds.
Analysts mentioned FastPOS-related infections are now being spotted worldwide within the last couple of months, including the United States, France, Taiwan, Japan, Hong Kong and Brazil.
FastPOS is presently available to purchase on a few underground forums, as well as credit cards from the owners, as you can see below.
