Malware researchers at Flashpoint revealed that since 2016, a
DMSniff uses multiple techniques to protect itself and the C2 communications, including a simple
“Point-of-sale malware previously only privately sold has been used in breaches of small- and medium-sized businesses in the restaurant and entertainment industries. The malware, known as DMSniff, also uses a domain generation algorithm (DGA) to create lists of command-and-control domains on the fly.” reads the analysis published by Flashpoint.
To steal credit card data from POS systems, the malware searches for interesting processes and loops through their memory sections in an attempt to find credit card data.
“Each time it finds an interesting process, it will loop through the memory sections to attempt to find a credit card number.” continues the analysis. “Once a number is found, the bot will take the card data and some of the surrounding
Further details about DMSniff, including indicators of compromise (IoCs), are reported in the analysis published by Flashpoint.
“DMSniff is another name in a growing list of evolving threats for the point-of-sale malware world. During our research we found that this malware was primarily utilized to target small to