Soraya malware targets payment card data on POS devices and home computers

June 3, 2014 – 4:58 PM

Home computers and point-of-sale (POS) devices are both being targeted by a recently identified piece of malware that has already compromised thousands of payment cards – the majority of which were issued in the United States.

On May 23, Arbor Networks researchers discovered Soraya, a piece of malware that combines memory scraping techniques found in Dexter, a POS malware, with form grabbing abilities seen in Zeus, a trojan that impacts PCs running Windows.

Using multiple techniques in the same malware is fairly uncommon, Matt Bing and Dave Loftus, a pair of security research analysts with Arbor Networks who wrote about the threat in a Monday post, told in a Tuesday correspondence.

“Memory scraping is typically only found in malware directly targeting [POS] systems, and form grabbing is typically [used] to steal data being sent to websites, including payment card information and passwords,” Bing said.

The Soraya malware, which Bing and Loftus said likely dates back to March 2014, has already compromised thousands of payment cards.


You must be logged in to post a comment.