Security researchers have recently identified a new Point-of-Sale (PoS) malware called “ModPipe” that targets devices used by several organizations in the hospitality industry.
It is a backdoor that can collect all kinds of sensitive data from PoS devices running Oracle Micros Restaurant Enterprise Series (RES) 3700.
This software is used by restaurants and other businesses to control and operate loyalty programs, PoS devices, mobile payments, and some other functions.
Oracle asserted that RES 3700 is the most extensively used restaurant management software in the industry. The software suite manages PoS as well as rewards programs for “loyal customers,” reports, stock, ads/promotions, and mobile payments.
The malware has been targeting organizations since 2017, and ESET security researchers identified it in 2019. The ESET researchers have also discovered three other modules that are added to ModPipe, and these modules add functions to the main ModPipe module.
According to the ESET report, some basic components are found in these modules, and they are listed below:
ModPipe also has some downloadable modules, which are listed below:
The pipe commands handled by the ModScan module are listed below:
Attacks like these are quite common nowadays, and security researchers are looking for every possible way to eliminate them. ModPipe has several modules, and each of them adds features and functions that make the malware more sophisticated.
These modules are widely used because they help the threat actors steal an organization's sensitive information.