We recently spotted a brand new BlackPOS (point-of-sale) malware detected by Trend Micro as TSPY_MEMLOG.A. In 2012, the source code of BlackPOS was leaked, enabling other cybercriminals and attackers to enhance its code. What’s interesting about TSPY_MEMLOG.A is it disguises itself as an installed service of known AV vendor software to avoid being detected and consequently, deleted in the infected PoS systems. This routine is different from previous PoS malware such as TSPY_POCARDL.U and TSPY_POCARDL.AB (BlackPOS) that employed the targeted company’s own installed service.
more here.............http://blog.trendmicro.com/trendlabs-security-intelligence/new-blackpos-malware-emerges-in-the-wild-targets-retail-accounts/
more here.............http://blog.trendmicro.com/trendlabs-security-intelligence/new-blackpos-malware-emerges-in-the-wild-targets-retail-accounts/