- BP0.exe is a remote command shell “backdoor” that allows remote attackers to use the Windows command shell to interact with the compromised server and run commands. This malware is hardcoded with a fixed IP address.
- Wiadebyls.dll is a password collector that gathers user credentials as they are used. The malware then transmits those credentials to a hard-coded IP address using the HTTP protocol.
- Wininet.exe is a packet sniffing program configured to capture payment data on the network.
- Wuauclt.exe is a key logger program configured to capture keystrokes and payment data on a point-of-sale (POS) terminal.
- SN.exe is a packet sniffer. Other variants of this malware exist with the ability to filter and log activities.
Malicious software or “malware” is designed to damage or infiltrate computer systems. The following malware examples were recently identified through computer forensic investigations coordinated by Visa. A comprehensive list of malware and MD5 hash values can be found in the Table 1 attachment.