Newest malware ‘Treasurehunt’ stealing Payment card data of Americans

Black hat hackers have developed a new malware, ‘Treasurehunt’, which extracts payment card data from memory after enumerating the running processes. After extracting the payment card data, Treasurehunt forwards it to a command and control (CnC) server. Once the victim's data is stolen, the hackers sell the extracted details on black markets.

There have been many pieces of malware similar to Treasurehunt, which black hat hackers label as point-of-sale (POS) malware in their underground forums. Last year security researchers found more than a dozen pieces of POS malware.

“Target” was one of the many big corporations targeted by these black hat hackers last year, which forced the retail giant to upgrade its systems. But not every business can afford the new certified systems because of their sky-high cost, and this has given hackers a big opportunity. That’s why small businesses have now become the primary target of these criminals.

FireEye, a cyber security firm, was the first to discover this newest malware, which is targeting thousands of U.S. citizens all over the country. Nart Villeneuve, a security researcher, said in a FireEye blog post, “Criminals appear to be racing to infect POS systems in the United States before U.S. retailers complete this transition”.

He further wrote that “In a typical scenario, Treasurehunt would be implanted on a POS system through the use of previously stolen credentials or through brute forcing common passwords that allow access to poorly secured POS systems.” 


POS malware, including Treasurehunt, is easily available on the dark web if you are willing to pay the right price. Tools available for free on the dark web are often not as effective as the purchased ones. These free tools are mostly outdated, or their source code may have been disclosed, which makes them easier for security software to detect. An average of 60 million shoppers in the U.S. and Canada have been affected by payment system hacks in the past two years.



Ehacking Staff