MultigrainMalware

A new sophisticated point-of-sale or memory-scraping malware called "Multigrain" was discovered on April 17, 2016 by the FireEye Inc. security company.^[1]^[2] Multigrain malware comes under the family of NewposThings Malware. This malware is similar to the NewposThings, FrameworkPOS and BernhardPOS malware which were known previously as notorious malware.^[3]^[4]

Process of Multigrain malware

Multigrain uses the Luhn algorithm to validate the credit and debit card details.^[5] This POS malware then infects the computer and blocks Hypertext Transfer Protocol (http) and file transfer protocol (ftp) traffic which monitors the data exfiltration.^[6]^[7] It exfiltrates the scraped information of credit and debit card via Domain Name Server (DNS).^[8]^[9] Then it sends the collected payment card information to a 'command and control server' server.^[10]^[11]

Targets one POS platform

Multigrain targets specifically the Windows point of sale system, which has a multi.exe executable file.^[12]^[13] If Multigrain gets into a POS system that does not have multi.exe then it deletes itself without leaving any trace.^[14]^[15]

See also

References

^ "MULTIGRAIN – Point of Sale Attackers Make an Unhealthy Addition to the Pantry". FireEye.
^ ""Point of Sales (POS) Evolution to DNS Exfiltration"" (PDF).
^ ""Multigrain" PoS Malware Exfiltrates Card Data Over DNS | SecurityWeek.Com". www.securityweek.com. 20 April 2016.
^ "Multigrain PoS malware exfiltrates stolen card data over DNS". Security Affairs. April 20, 2016.
^ "New Multigrain Malware steals Point of Sale Data Over DNS".
^ "Wheat a moment: Multigrain malware uses DNS to steal POS data "
^ Cimpanu, Catalin (19 April 2016). "PoS Malware Steals Credit Card Numbers via DNS Requests". softpedia.
^ Constantin, Lucian (April 20, 2016). "New point-of-sale malware Multigrain steals card data over DNS". Computerworld.
^ "DNS and Stolen Credit Card Numbers". www.circleid.com.
^ Stoyanov, Daniel (April 21, 2016). "PoS Malware 'Multigrain' Steals Credit Card Details via DNS".
^ "SASE Solution - Secure Access Service Edge". Fortinet.
^ Chirgwin, Richard. "VXers pass stolen card data over DNS". www.theregister.com.
^ ""MULTIGRAIN – Point of Sale Attackers Make an Unhealthy Addition to the Pantry"". Archived from the original on 2016-04-22. Retrieved 2016-07-11.
^ "Multigrain Malware Targets Multi.Exe Process, Steals and Exfiltrates Data, Pretending as DNS Queries". www.spamfighter.com.
^ "Article 29 Working Party still not happy with Windows 10 privacy controls". SC Media. February 28, 2017.

v t e Malware topics
Infectious malware	Comparison of computer viruses Computer virus Computer worm List of computer worms Timeline of computer viruses and worms
Concealment	Backdoor Clickjacking Man-in-the-browser Man-in-the-middle Rootkit Trojan horse Zombie computer
Malware for profit	Adware Botnet Crimeware Fleeceware Form grabbing Fraudulent dialer Infostealer Keystroke logging Malbot Privacy-invasive software Ransomware Rogue security software Scareware Spyware Web threats
By operating system	Android malware Classic Mac OS viruses iOS malware Linux malware MacOS malware Macro virus Mobile malware Palm OS viruses HyperCard viruses
Protection	Anti-keylogger Antivirus software Browser security Data loss prevention software Defensive computing Firewall Internet security Intrusion detection system Mobile security Network security
Countermeasures	Computer and network surveillance Honeypot Operation: Bot Roast

Index: pl ar de en es fr it arz nl ja pt ceb sv uk vi war zh ru af ast az bg zh-min-nan bn be ca cs cy da et el eo eu fa gl ko hi hr id he ka la lv lt hu mk ms min no nn ce uz kk ro simple sk sl sr sh fi ta tt th tg azb tr ur zh-yue hy my ace als am an hyw ban bjn map-bms ba be-tarask bcl bpy bar bs br cv nv eml hif fo fy ga gd gu hak ha hsb io ig ilo ia ie os is jv kn ht ku ckb ky mrj lb lij li lmo mai mg ml zh-classical mr xmf mzn cdo mn nap new ne frr oc mhr or as pa pnb ps pms nds crh qu sa sah sco sq scn si sd szl su sw tl shn te bug vec vo wa wuu yi yo diq bat-smg zu lad kbd ang smn ab roa-rup frp arc gn av ay bh bi bo bxr cbk-zam co za dag ary se pdc dv dsb myv ext fur gv gag inh ki glk gan guw xal haw rw kbp pam csb kw km kv koi kg gom ks gcr lo lbe ltg lez nia ln jbo lg mt mi tw mwl mdf mnw nqo fj nah na nds-nl nrm nov om pi pag pap pfl pcd krc kaa ksh rm rue sm sat sc trv stq nso sn cu so srn kab roa-tara tet tpi to chr tum tk tyv udm ug vep fiu-vro vls wo xh zea ty ak bm ch ny ee ff got iu ik kl mad cr pih ami pwn pnt dz rmy rn sg st tn ss ti din chy ts kcg ve

Prefix: a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 8 9

Portal di Ensiklopedia Dunia

Portal : Agama

Portal : Bahasa

Portal : Biografi

Portal : Budaya

Portal : Elektronika

Portal : Geografi

Portal : Ilmu

Portal : Masyarakat

Portal : Matematika

Portal : Pendidikan

Portal : Politik

Portal : Sejarah

Portal : Seni

Portal : Teknologi

Kembali kehalaman sebelumnya