Malware, Network Security

Cherry Picker POS malware spotted in wild: Trustwave

Researchers at Trustwave spotted the point-of-sale (POS) malware dubbed “Cherry Picker” that they say is unique because it uses configuration files, encryption, obfuscation and command line arguments to avoid detection.

Researchers identified the malware being used to target the food industry and said it can target virtually any POS software to steal credit card information as well as privileged credentials to remotely access a customer's network, according to a Trustwave blog that will post on Nov. 13.

The malware uses a new memory scraping algorithm, a file infector for persistence and cleaner malware that removes all traces of the infection from target systems making the malware harder to detect, Trustwave Security Researcher Eric Merritt told

Merritt said a less sophisticated version of the malware was first spotted by Trustwave in 2010.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.