Alina POS
Description
(Trustwave) Alina is a well-documented family of malware used to scrape Credit Card (CC) data from Point of Sale (POS) software. We published a series of in-depth write-ups on the capabilities Alina possesses as well as the progression of the versions. Xylitol has a nice write-up on the Command and Control (C&C) aspects of Alina.
Names
| Name |
|---|
| Alina POS |
| Track |
| alina_eagle |
| alina_spark |
| aline_joker |
| katrina |
Category
Malware
Type
- POS malware
- Reconnaissance
- Credential stealer
Information
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/alina-pos-malware-sparks-off-a-new-variant/
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina—Casting-a-Shadow-on-POS/
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina—Following-The-Shadow-Part-1/
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina—Following-The-Shadow-Part-2/
- http://www.xylibox.com/2013/02/alina-34-pos-malware.html
- https://www.xylibox.com/2013/10/inside-malware-campaign-alina-dexter.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/two-new-pos-malware-affecting-us-smbs/
- https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-pos-ram-scraper-malware.pdf
- https://www.secureworks.com/research/point-of-sale-malware-threats
- https://blog.centurylink.com/alina-point-of-sale-malware-still-lurking-in-dns/
Malpedia
Other Information
Uuid
4682195b-5e67-4d26-bde7-1d915344b84f
Last Card Change
2020-07-02