Names | ModPOS straxbot
Category | Malware
Type | Reconnaissance, POS malware, Backdoor, Keylogger, Credential stealer
Description | (FireEye) ModPOS is highly modular and can be configured to target specific systems with components such as uploader/downloader, keylogger, POS RAM scraper and custom plugins for credential theft and other specialized functions like network reconnaissance. We believe other capabilities could also be leveraged. The modules are packed kernel drivers that use multiple methods of obfuscation and encryption to evade even the most sophisticated security controls.
Information | <https://www.fireeye.com/blog/threat-research/2015/11/modpos.html>
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.modpos>
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:modpos>
Last change to this tool card: 28 December 2022
Changed | Name | Country | Observed
APT groups
 | Operation Black Atlas | [Unknown] | 2015
1 group listed (1 APT, 0 other, 0 unknown)