LockPoS malware adopts injection technique to evade detection

LockPoS, a point-of-sale malware program discovered in 2017 stealing payment card data from computers’ memory, is now using a new malware injection technique designed to bypass antivirus hooks and evade detection. Hod Gabriel, malware analyst at Cyberbit, reported in a company blog post last week that LockPoS uses three main routines – all of which are exported from ntdll.dll, a core Windows dynamic link library file – in order to inject malicious code into a remote process.

Read the source article at Cybersecurity News and Product Reviews

Leave a Reply

Your email address will not be published. Required fields are marked *