New strain of PoS malware set to gain momentum, Anomali

Researchers at Anomali detected a new FrameworkPOS campaign that the company says is gaining momentum.

This new malware strain looks like former iterations and uses the same naming conventions, but based on Anomali's analysis of purloined credit card data, the new version, dubbed gpr1, apparently uses only track 2 data, while earlier versions also used track 1 data.

So far, 300 credit card records have been siphoned from two victims, Anomali said. One target might be a small business based in Honolulu while the other apparently is headquartered in Chicago.

The attacks contain references to a PoS software named ALOHA, which the researchers believe could either be a coincidence, as the software might simply happen to be installed already, or an indication that the attackers are specifically targeting this platform.

Over the past few months, FrameworkPOS has been dormant, Anomali said. But evidence points to the actors behind this malware being "active and well."
