ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool LogPOS

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: LogPOS

NamesLogPOS
CategoryMalware
TypePOS malware, Credential stealer
Description(securitykitten) In most POS variants, one process scrapes memory from other processes and writes discovered track data to a log. Because LogPOS injects code into various processes and has each of them search their own memory, it can’t use a log, since they can’t all open the same file with write access at once. Instead, it uses mailslots.
Information<https://securitykitten.github.io/2015/11/16/logpos-new-point-of-sale-malware-using-mailslots.html>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.logpos>

Last change to this tool card: 22 May 2020

Download this tool card in JSON format

All groups using tool LogPOS

ChangedNameCountryObserved

Unknown groups

X_[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key