ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Home > List all groups > List all tools > List all groups using tool ModPOS

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: ModPOS

TypeReconnaissance, POS malware, Backdoor, Keylogger, Credential stealer
Description(FireEye) ModPOS is highly modular and can be configured to target specific systems with components such as uploader/downloader, keylogger, POS RAM scraper and custom plugins for credential theft and other specialized functions like network reconnaissance. We believe other capabilities could also be leveraged. The modules are packed kernel drivers that use multiple methods of obfuscation and encryption to evade even the most sophisticated security controls.
AlienVault OTX<>

Last change to this tool card: 24 May 2020

Download this tool card in JSON format

All groups using tool ModPOS


APT groups

 Operation Black Atlas[Unknown]2015 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]