ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Multigrain

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Multigrain

NamesMultigrain
Multigrain POS
CategoryMalware
TypePOS malware, Credential stealer
Description(FireEye) FireEye recently discovered a new variant of a point of sale (POS) malware family known as NewPosThings. This variant, which we call “MULTIGRAIN”, consists largely of a subset of slightly modified code from NewPosThings. The variant is highly targeted, digitally signed, and exfiltrates stolen payment card data over DNS. The addition of DNS-based exfiltration is new for this malware family; however, other POS malware families such as BernhardPOS and BlackPOS have used this technique in the past.
Information<https://www.fireeye.com/blog/threat-research/2016/04/multigrain_pointo.html>
<https://www.pandasecurity.com/mediacenter/malware/multigrain-malware-pos/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.multigrain_pos>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:multigrain>

Last change to this tool card: 23 May 2020

Download this tool card in JSON format

Previous: Mudwater
Next: MumbaiDown

All groups using tool Multigrain

ChangedNameCountryObserved

Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key