Incident Response, Malware, TDR

Researchers discover new point-of-sale malware, JackPOS

Researchers with cyber intelligence company IntelCrawler have discovered a new point-of-sale (POS) malware known as JackPOS, which is said to have code similar to the RAM-scraping POS malware known as Alina.

“According to received information it is distributed using drive-by download attack and manual planting after successful remote channels brute forcing (RDP, VNC, PC Anywhere),” Andrew Komarov, CEO at IntelCrawler, told SCMagazine.com in a Friday email.

The JackPOS malware has a very low detection rate, according to Komarov, who added that the first compromised victims began appearing around Feb. 6 in the United States, Brazil, Korea and other locations.

IntelCrawler has spent the last month investigating POS malware, including Decebal, which is operational based on 400 lines of VBScript code, and BlackPOS, which may be related to recent attacks on U.S. retailers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.