ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Punkey

Names: Punkey, PunkeyPOS, Punkey POS, pospunk, poscardstealer
Category: Malware
Type: POS malware, Credential stealer
Description: (Trustwave) During a recent United States Secret Service investigation, Trustwave encountered a new family of POS malware, that we named Punkey. It appears to have evolved from the NewPosThings family of malware first discovered by Dennis Schwarz and Dave Loftus at Arbor Networks. While this malware shares some commonalities with that family, it departs from the standard operating procedure of the previous versions rather dramatically. In a blog post, TrendMicro also detailed recently compiled versions of the NewPOSthings family that bear a closer resemblance to NewPOSthings than Punkey. This suggests that multiple actors may be using similar source code, or the malware is being customized as a service for targeted campaigns.
Information: <https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/new-pos-malware-emerges-punkey/>
<https://www.pandasecurity.com/mediacenter/malware/punkeypos/>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.punkey_pos>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:punkey>

Last change to this tool card: 30 November 2023


All groups using tool Punkey

Changed | Name | Country | Observed

Unknown groups

X [ Interesting malware not linked to an actor yet ]

1 group listed (0 APT, 0 other, 1 unknown)
