ModPOS is the latest in the string of POS malware that’s making the news. As its family name implies, this malware is intent on one thing: stealing credit card information.
A few days ago, we published a blog entry on an advanced malware called Moker, and discussed the various anti-detection and anti-dissection challenges that Moker poses, as part of enSilo’s continuing improvement of our endpoint security software.
Now that we have the stripped-down malware sample, it’s time to analyze the actual malware.
Recently, we came across Moker, an advanced malware residing in a sensitive network of a customer. Since the malware did not try to access an external server, but rather tampered with the system’s inner workings, we decided to give this malware a second look. (This kind of work is part of developing complete endpoint security software.)