Malumpos Malware

Malumpos is a point of sale malware that are designed to steal or scrape customer’s credit and debit card detail from point of sale system.^[1] These are designed in a way that it records point of sale’s data which is running in an Oracle MICROS payment system of the restaurant.^[2][3] The collected data has been used in 333,000 customer sites around the world.^[4] Malumpos Malware targets hotels and other US businesses and put the retail customers at risk.^[5] This POS RAM Scraper is written in the Delphi programming language.^[6][7] Malumpos monitors, processes, scrapes the stolen data of the infected POS system and the RAM.^[8] First it stores the stolen credit or debit card details of the customer from the infected point of sale system once it is swiped.^[9] Then it sends the data to the cybercriminal to empty the customer bank balance or the details are sold to the black market.^[10]

How Malumpos gets Installed

Much like the other point of sale malware, the Malumpos get into the computer unknowingly and conceals its identity as Nvidia Display Driver or Nvidia Display Driv3r.^[11][12][13] This malware appears to be legitimate software to the victims because all the peripherals function correctly. This malware infects Oracle MICROS, Oracle Forms, Shift4 systems and systems accessed via Internet Explorer.^[14][15]

See also

• Point of sale
• Cyber security standards
• List of cyber attack threat trends
• Cyber electronic warfare
• Point-of-sale malware
• Malware

References

1. https://www.zdnet.com/article/malumpos-malware-targets-hotels-to-scrape-customer-credit-cards/ MalumPoS malware targets hotels, scrapes customer credit cards
2. https://securityintelligence.com/the-pos-malware-epidemic-the-most-dangerous-vulnerabilities-and-malware/ The POS Malware Epidemic: The Most Dangerous Vulnerabilities and Malware
3. https://securebox.comodo.http://www.computerworld.com/article/2932231/security0/malware-targets-oracle-micros-point-of-sale-customers.htmlcom/blog/pos-malware/oracles-micros-customer-pos-systems-infected-malumpos/ Oracle’s MICROS Customer POS Systems Infected with MalumPOS
4. http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-malumpos-targets-hotels-and-other-us-industries/ Malware Targeting Hotels and other US Industries
5. http://www.tripwire.com/state-of-security/latest-security-news/malumpos-malware-targeting-the-hospitality-and-retail-industries/ MalumPoS Malware Targeting the Hospitality and Retail Industries
6. http://www.quorion.com/blog/pos-systems/malumpos-malware/ MalumPOS Malware that Can Be Configured to Target Any POS System
7. http://www.tripwire.com/state-of-security/latest-security-news/malumpos-malware-targeting-the-hospitality-and-retail-industries/ MalumPoS Malware Targeting the Hospitality and Retail Industries
8. http://sensorstechforum.com/malumpos-ram-scraper-attacks-oracle-micros-pos-systems/ MalumPos RAM Scraper Attacks Oracle Micros PoS Systems
9. http://www.cyber.nj.gov/threat-profiles/pos-malware-variants/malumpos MalumPOS
10. http://www.akati.com/warlock/?p=906 MalumPoS – the New PoS Malware
11. http://www.securityweek.com/malumpos-malware-targets-oracle-micros-pos-systems MalumPOS Malware Targets Oracle Micros PoS Systems
12. http://securityaffairs.co/wordpress/37612/cyber-crime/malumpos-pos-malware.html Malware researchers at Trend Micro have discovered a news strain of the malumPoS used to target hospitality, food and beverage, and retail industries.
13. https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=824 Oracle Micros PoS Customers Targeted By MalumPoS Malware
14. http://www.computerworld.com/article/2932231/security0/malware-targets-oracle-micros-point-of-sale-customers.html Malware Targets Oracle Micros Point of Sale Customers
15. https://dorset.tech/nasty-new-malware-doing-the-rounds-lowerbeforwarden-ml/ File Manager Hacked: Nasty new Malware doing the rounds