Researchers at Forcepoint have described point-of-sale (POS) malware used to steal payment card data. It is designed to steal data from the magnetic stripe on the back of payment cards.


What makes this malware different from others is that it uses UDP-based DNS traffic to sneak out stolen credit and debit card data.

The United States has switched from magnetic stripe cards to chip and PIN cards based on the Europay, Mastercard, and Visa (EMV) standard, which makes it hard for criminals to steal payment card data using POS malware.

Luke Somerville, head of special investigations at Forcepoint, says there’s no evidence to show that UDPoS is currently being used to steal credit or debit card data. But Forcepoint’s tests have shown that the malware is indeed capable of doing so successfully.

Hotels, restaurants and any other locations with handheld devices for swiping credit and debit cards are targets of this malware. “This malware targets Windows-based systems,” Somerville notes.

The malware infects these systems in order to steal payment card data.

The POS malware is disguised as a LogMeIn service pack, and it was generating a notable amount of unusual DNS requests, Forcepoint says.

There is no evidence that LogMeIn’s remote access service or products have been abused in any way as part of the malware deployment process, says Somerville.
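
An added example, not from Forcepoint or the original article: one way a defender could surface the kind of unusual DNS request volume described above, by flagging client/domain pairs that query many distinct, long, high-entropy subdomains. The log format, thresholds, hosts and domains are assumptions constructed for illustration and do not reproduce UDPoS's actual query format.

```python
import hashlib
import math
from collections import defaultdict

def shannon_entropy(text):
    """Bits per character; encoded payloads score higher than ordinary hostnames."""
    probs = [text.count(c) / len(text) for c in set(text)]
    return -sum(p * math.log2(p) for p in probs)

def parent_domain(qname):
    # Assumption: the last two labels approximate the registered domain.
    # A production detector would use a public-suffix list instead.
    return ".".join(qname.split(".")[-2:])

def find_dns_exfil_suspects(lines, min_unique=10, min_avg_len=20, min_entropy=3.0):
    """Return (client, domain, unique_subdomains, avg_len) for suspicious pairs."""
    seen = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 2:
            continue  # skip malformed log lines
        client, qname = parts[0], parts[1].rstrip(".").lower()
        domain = parent_domain(qname)
        sub = qname[: -len(domain)].rstrip(".")
        if sub:
            seen[(client, domain)].add(sub)
    suspects = []
    for (client, domain), subs in seen.items():
        avg_len = sum(len(s) for s in subs) / len(subs)
        entropy = shannon_entropy("".join(subs).replace(".", ""))
        # All three must hold: many distinct names, long labels, random-looking text.
        if len(subs) >= min_unique and avg_len >= min_avg_len and entropy >= min_entropy:
            suspects.append((client, domain, len(subs), round(avg_len, 1)))
    return sorted(suspects)

# Constructed sample log ("<client_ip> <query_name>"); hosts and domains are made up.
SAMPLE_LOG = (
    ["10.0.5.21 www.example.com", "10.0.5.21 mail.example.com"] * 20
    + [f"10.0.5.22 img{i}.cdn.example.net" for i in range(12)]
    + [f"10.0.5.40 {hashlib.sha256(str(i).encode()).hexdigest()[:24]}.tunnel-demo.test"
       for i in range(12)]
)

if __name__ == "__main__":
    for row in find_dns_exfil_suspects(SAMPLE_LOG):
        print(row)
```

The repeated lookups from 10.0.5.21 and the short CDN-style names from 10.0.5.22 stay below the thresholds, so only the host sending long random-looking labels is reported.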

Trend Micro last year reported on MajikPOS malware that was used to steal data on more than 23,300 payment cards.

Retailer Forever 21, which is investigating a data breach reported last November, recently disclosed finding malware on some of its POS systems.