Cherry Picker POS malware spotted in wild: Trustwave

Researchers have spotted the POS malware dubbed "Cherry Picker" targeting the food and beverage industry.

Researchers at Trustwave spotted the point-of-sale (POS) malware dubbed “Cherry Picker,” which they say is unique because it uses configuration files, encryption, obfuscation and command line arguments to avoid detection.

Researchers identified the malware being used to target the food industry and said it can target virtually any POS software to steal credit card information as well as privileged credentials to remotely access a customer's network, according to a Trustwave blog that will post on Nov. 13.

The malware uses a new memory scraping algorithm, a file infector for persistence and cleaner malware that removes all traces of the infection from target systems, making the malware harder to detect, Trustwave Security Researcher Eric Merritt told SCMagazine.com.

Merritt said a less sophisticated version of the malware was first spotted by Trustwave in 2010.
