ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Multigrain

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Multigrain

NamesMultigrain
Multigrain POS
CategoryMalware
TypePOS malware, Credential stealer
Description(FireEye) FireEye recently discovered a new variant of a point of sale (POS) malware family known as NewPosThings. This variant, which we call “MULTIGRAIN”, consists largely of a subset of slightly modified code from NewPosThings. The variant is highly targeted, digitally signed, and exfiltrates stolen payment card data over DNS. The addition of DNS-based exfiltration is new for this malware family; however, other POS malware families such as BernhardPOS and BlackPOS have used this technique in the past.
Information<https://www.fireeye.com/blog/threat-research/2016/04/multigrain_pointo.html>
<https://www.pandasecurity.com/mediacenter/malware/multigrain-malware-pos/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.multigrain_pos>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:multigrain>

Last change to this tool card: 24 May 2020

Download this tool card in JSON format

Previous: Mudwater
Next: MultiLayer Wiper

All groups using tool Multigrain

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]