Home > List all groups > List all tools > List all groups using tool NeoPocket

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: NeoPocket

TypeATM malware, Keylogger, Info stealer, Credential stealer
Description(Trend Micro) NeoPocket is an information-stealing malware that targets ATMs manufactured by Diebold. S21sec discovered NeoPocket in April 2014. Unlike the majority of ATM malware, NeoPocket does not steal cash from the ATM as it focuses on data theft only. The malware steals ATM transaction data using a man-in-the-middle (MitM) attack and keylogs user input from specific application windows. This stolen data can be sold in deep web markets for use in creating counterfeit payment cards and carrying out fraudulent fund transfers out of victims’ accounts. Because no cash is stolen from the ATM, the compromise tends to remain undetected for prolonged periods and thus allows the criminal group behind NeoPocket to collect large amounts of sensitive data.

Last change to this tool card: 24 May 2020

Download this tool card in JSON format

Previous: Nemty
Next: Neptun

All groups using tool NeoPocket


Unknown groups

 _[ Interesting malware not linked to an actor yet ]_ 

1 group listed (0 APT, 0 other, 1 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
PGP Download PGP key