UDPOS - EXFILTRATING CREDIT CARD DATA VIA DNS
released on 2018-02-08 @ 11:08:16 AM
We recently came across a sample, apparently disguised as a LogMeIn service pack, which generated notable amounts of 'unusual' DNS requests. Deeper investigation revealed something of a flawed gem, ultimately designed to steal magnetic stripe payment card data: a hallmark of PoS malware.