ETDA (Electronic Transactions Development Agency)

Threat Group Cards: A Threat Actor Encyclopedia

Tool: ModPOS

Names: ModPOS, straxbot
Category: Malware
Type: Reconnaissance, POS malware, Backdoor, Keylogger, Credential stealer
Description: (FireEye) ModPOS is highly modular and can be configured to target specific systems with components such as uploader/downloader, keylogger, POS RAM scraper and custom plugins for credential theft and other specialized functions like network reconnaissance. We believe other capabilities could also be leveraged. The modules are packed kernel drivers that use multiple methods of obfuscation and encryption to evade even the most sophisticated security controls.
Information: <https://www.fireeye.com/blog/threat-research/2015/11/modpos.html>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.modpos>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:modpos>

Last change to this tool card: 28 December 2022


All groups using tool ModPOS

APT groups

Changed | Name | Country | Observed
 | Operation Black Atlas | [Unknown] | 2015

1 group listed (1 APT, 0 other, 0 unknown)
