LockPoS malware adopts injection technique to evade detection

LockPoS, a point-of-sale malware program discovered in 2017 stealing payment card data from computers’ memory, is now using a new malware injection technique designed to bypass antivirus hooks and evade detection. Hod Gabriel, malware analyst at Cyberbit, reported in a company blog post last week that LockPoS uses three main routines – all of which are exported from ntdll.dll, a core Windows dynamic link library file – in order to inject malicious code into a remote process.

Read the source article at Cybersecurity News and Product Reviews

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s