Wapack Labs Technical Analysis – Wapack Labs Blog – Blogger
Originally published on January 30, 2014, this analysis product was offered privately during the height of the Target breach. Over the weekend (August 2014), more reports followed of point of sale exploitation with BlackPOS. Several others have provided technical analysis of BlackPOS, but we’ve decided to openly post this analysis because of it’s closeness to another builder “VSkimmer”, and the need for a farmed indicator list.
This analysis is provided by Wapack Labs as part of an ongoing analysis of POS exploits in the wake of the recent widespread retailer breaches.
Please, enjoy!
Executive Summary:
Automated tools are often
times used by hackers to generate malware. This report summarizes two cracked Point
of Sale (POS) “malware builders” obtained by Wapack Labs in January 2014. The
first is identified as a VSkimmer variant and the second as BlackPOS. Both
builders were cracked by French white-hat hacker Xylitol. This report also provides
protocol details and signatures for the analyzed specimens and the payloads
generated by the respective builder kits.Wapack Labs analyzed both builders in one report because of a common thread –they’re both weaponized
using the same backdoor. It is possible that in both cases, this serves as an
additional channel for acquiring stolen credit card data.
More here:
Wapack Labs Technical Analysis – Wapack Labs Blog – Blogger
See which stocks are being affected by Social Media
