This analysis is provided by Wapack Labs as part of an ongoing analysis of POS exploits in the wake of the recent widespread retailer breaches.
Hackers often use automated tools to generate malware. This report summarizes two cracked Point of Sale (POS) “malware builders” obtained by Wapack Labs in January 2014. The first is identified as a VSkimmer variant and the second as BlackPOS. Both builders were cracked by French white-hat hacker Xylitol. This report also provides protocol details and signatures for the analyzed specimens and the payloads generated by the respective builder kits.
Wapack Labs analyzed both builders in one report because of a common thread: they’re both weaponized using the same backdoor. It is possible that, in both cases, this backdoor serves as an additional channel for acquiring stolen credit card data.