https://www.cyberscoop.com/dmsniff-glitchpos-malware-cybercrime-flashpoint-talos/
By Jeff Stone
CYBERSCOOP
March 14, 2019

Sometimes the little things can help cybercriminals separate their wares
from the pack. It could be an uncommon feature in the malware itself, or
it could just be a new way to market a familiar strategy.

In unrelated reports Wednesday, cybersecurity companies detailed DMSniff,
which takes a new approach to remaining stealthy as it steals
point-of-sale (POS) information from consumers, as well as GlitchPOS,
which steals credit-card information in a familiar way but comes with an
instructional video from its creators.

Threat intelligence company Flashpoint reports that DMSniff has quietly
been in active use since 2016 thanks in part to a domain generation
algorithm, which allows hackers to continue siphoning data from a web page
even after police or researchers have taken hackers’ domain pages offline.
Flashpoint notes that the use of such an algorithm is "rarely seen" in the
smash-and-grab world of POS malware, where thieves typically distribute
malware to as many sites as possible and hope for an infection.
[...]