Multigrain

Description

(FireEye) FireEye recently discovered a new variant of a point of sale (POS) malware family known as NewPosThings. This variant, which we call “MULTIGRAIN”, consists largely of a subset of slightly modified code from NewPosThings. The variant is highly targeted, digitally signed, and exfiltrates stolen payment card data over DNS. The addition of DNS-based exfiltration is new for this malware family; however, other POS malware families such as BernhardPOS and BlackPOS have used this technique in the past.

Names

Name
Multigrain
Multigrain POS

Type

POS malware
Credential stealer

Information

https://www.fireeye.com/blog/threat-research/2016/04/multigrain_pointo.html
https://www.pandasecurity.com/mediacenter/malware/multigrain-malware-pos/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.multigrain_pos

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:multigrain

Other Information

Uuid

4af3fb73-4104-49ad-b124-59d1ae82939f

Last Card Change

2020-05-24

Threat Intelligence Garden

Explorer

Multigrain

Multigrain

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks