LogPOS

Description

(securitykitten) In most POS variants, one process scrapes memory from other processes and writes discovered track data to a log. Because LogPOS injects code into various processes and has each of them search their own memory, it can’t use a log, since they can’t all open the same file with write access at once. Instead, it uses mailslots.

Names

Name
LogPOS

Category

Malware

Type

• POS malware
• Credential stealer

Information

• https://securitykitten.github.io/2015/11/16/logpos-new-point-of-sale-malware-using-mailslots.html

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.logpos

Other Information

Uuid

82000337-18a0-4e4f-b2d7-7c6776516542

Last Card Change

2020-05-22