Remove ads
From Wikipedia, the free encyclopedia
A new sophisticated point-of-sale or memory-scraping malware called "Multigrain" was discovered on April 17, 2016 by the FireEye Inc. security company.[1][2] Multigrain malware comes under the family of NewposThings Malware. This malware is similar to the NewposThings, FrameworkPOS and BernhardPOS malware which were known previously as notorious malware.[3][4]
Multigrain uses the Luhn algorithm to validate the credit and debit card details.[5] This POS malware then infects the computer and blocks Hypertext Transfer Protocol (http) and file transfer protocol (ftp) traffic which monitors the data exfiltration.[6][7] It exfiltrates the scraped information of credit and debit card via Domain Name Server (DNS).[8][9] Then it sends the collected payment card information to a 'command and control server' server.[10][11]
Multigrain targets specifically the Windows point of sale system, which has a multi.exe executable file.[12][13] If Multigrain gets into a POS system that does not have multi.exe then it deletes itself without leaving any trace.[14][15]
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.