UDPoS
Description
(Forcepoint) Point of Sale malware has been around for some time and has been deployed against a broad range of businesses from retailers to hotel groups. However, this appears to be a new family which we are currently calling ‘UDPoS’ owing to its heavy use of UDP-based DNS traffic. At the time of writing, it’s unclear whether the malware is currently being used in campaigns in the wild, although the coordinated use of LogMeIn-themed filenames and C2 URLs, coupled with evidence of an earlier Intel-themed variant, suggests that it may well be.
Names
Name |
---|
UDPoS |
Category
Malware
Type
- POS malware
- Credential stealer
Information
- https://www.forcepoint.com/blog/x-labs/udpos-exfiltrating-credit-card-data-dns
- https://threatmatrix.cylance.com/en_us/home/threat-spotlight-inside-udpos-malware.html
Malpedia
AlienVault OTX
Other Information
Uuid
d1b2544d-3721-4d8f-91e6-5d777a5f56d9
Last Card Change
2020-05-24