Contact Contact Us

PoS Malware on Sale in Dark Web Marketplaces

Point-of-sale (PoS) malware, which used to be only available through private sales are increasingly being sold in dark web marketplaces. These pieces of malware are usually deployed at retailers' websites and PoS locations to skim credit card details for fraudulent transactions. A new PoS malware dubbed GlitchPOS is currently available for as little as US$250 and comes with a control panel and training video for easy implementation. Another PoS malware known as DMSniff POS has been detected in attacks against small and medium sized businesses in the F&B and hospitality industries. The malware can resist takedown and bypass IP/domain blacklisting by using domain generation algorithm (DGA) to randomise its command-and-control (C&C) infrastructure.

[1] GlitchPOS: New PoS Malware for Sale
[2] ‘DMSniff’ POS Malware Actively Leveraged to Target Small-, Medium-Sized Businesses

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883