LockPOS

Description

(Cylance) LockPOS is a point-of-sale malware discovered in 2017 that is used to exfiltrate payment card data from targeted point-of-sale systems’ memory. The most recent version of LockPOS examined here changed its injection technique to drop the malware directly to the kernel to evade detection and bypass traditional antivirus (AV) hooks.

Names

Name
LockPOS

Type

POS malware
Credential stealer

Information

https://threatvector.cylance.com/en_us/home/threat-spotlight-lockpos-point-of-sale-malware.html
https://www.arbornetworks.com/blog/asert/lockpos-joins-flock/
https://www.cyberbit.com/new-lockpos-malware-injection-technique/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.lock_pos

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:LockPoS

Other Information

Uuid

d309aab8-3ff4-4f80-8d7f-a1834714fac9

Last Card Change

2020-05-24

Threat Intelligence Garden

Explorer

LockPOS

LockPOS

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks