Analysis of PoSeidon

The new breed of malware is more complex and difficult to detect than its predecessors. The PoSeidon family uses several components to obtain customer payment data. This is the latest cyber threat in the ongoing onslaught of PoS systems. PoSeidon combines a bootloader that is designed to maintain durability and survive when rebooting with a memory scraper. PoSeidon also includes a keylogger that has access credentials for the LogMeIn remote access application.

Today we offer you a message in which the sample of Poseidon (loader) is analyzed. It works, and in the CnC list, which contains the sample. However, malicious software may not load the executable file of the second stage (keylogger) due to an error in the bootloader. We hope this information will be useful for you.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.

News

Analysis of PoSeidon

Read Next

USA Passes Take It Down Act: Fighting NCII at the Federal Level

Operation Artemis: FBI Arrests 22 in International Sextortion Crackdown

Digital Forensics Corp. Launches Pro Bono Initiative to Combat Sextortion Targeting Minors

Digital Forensics Corp. Launches 2025 Sextortion Study to Uncover the True Scope of a Growing Cybercrime