Hackers create malware to attack restaurant PoS solutions from Oracle
The malware module contains an algorithm for collecting database passwords by decrypting them from Windows registry values.
Cybercriminals have developed the ModPipe backdoor to attack Oracle's restaurant PoS solutions. According to specialists from ESET, the malware is unusually complex, as evidenced by its numerous modules.
The backdoor is specifically designed to target Oracle MICROS Restaurant Enterprise Series (RES) 3700, a PoS terminal management software suite used by hundreds of thousands of bars, restaurants and hotels around the world. According to experts, cyber criminals mainly attack restaurant establishments in the United States.
One of the downloadable malware modules, dubbed GetMicInfo, detects and steals credentials that allow ModPipe operators to access database contents, including various definitions and configuration data, status tables, and PoS terminal transaction information.
“The module contains an algorithm designed to collect database passwords by decrypting them from Windows registry values. The backdoor developers have a deep knowledge of the target software of the victims and have chosen this sophisticated method instead of collecting data using a simpler but louder approach such as keylogging,” the experts noted.
However, the database information that the module steals does not contain the credit card numbers of the customers of the establishments. In this case, attackers can only gain access to the names of cardholders. Experts suggest there is another downloadable module that allows malware operators to decrypt more sensitive data.
The main loader module creates a channel used to communicate with the other malicious modules, is responsible for their implementation, and provides the connection to the attackers' C&C server.
In addition, there are a number of other loadable modules that add specific functionality to the backdoor. Two of these components can scan specific IP addresses or get a list of running processes on the device. The malware operators also use at least four other loadable modules, the functionality of which is still completely unknown.