JackPOS
Posted: February 14, 2014
Threat Metric
The fields listed on the Threat Meter are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Field | Value |
|---|---|
| Ranking | 6,921 |
| Threat Level | 1/10 |
| Infected PCs | 152 |
| First Seen | February 14, 2014 |
| Last Seen | October 16, 2023 |
| OS(es) Affected | Windows |
JackPOS is Point-of-Sale (POS) spyware that compromises PCs used for credit card transactions, stealing the related financial information and, afterward, sending it to third parties for future abuse. In comparison to similar PC threats, JackPOS is a globe-trotting Trojan that's been seen in significant numbers within countries as different as South Korea, Spain and the United States. To protect itself from being noticed, JackPOS disguises both its installer and its installed components so that they resemble the files of a safe Java update. Businesses that use appropriate PC security should be adequately protected from JackPOS, but for JackPOS's credit card victims, the only sign of its attacks will be the new credit card charges and other issues resulting from criminals having access to their personal information.
The Businesses that Don't Know Jack About Dealing with Spyware
As a POS spyware program, JackPOS is of the utmost concern to any business that handles credit card transactions as part of its regular activities. In a sharp change of campaign style from geography-limited banking Trojans like Bancos or the Corkow Trojan, JackPOS hasn't shown any distinct pattern in its attacks. A city in Brazil appears to be the current contender for most affected by JackPOS, with thousands of credit cards stolen. However, major outbreaks of JackPOS have been seen in India, the United States, Canada and Italy.
In many situations, a very modest number of JackPOS infections were responsible for a high quantity of credit card thefts. Malware experts currently estimate that Vancouver is the worst example of this, with a single JackPOS infection responsible for a total of four hundred thefts.
JackPOS is installed through attacks that either exploit vulnerabilities on the PC or encourage the user to install it themselves. These attacks may misrepresent JackPOS as some form of software update, and JackPOS's executable names include such disguises as 'Java.exe' and 'Jse.exe'. Along with stealing credit card information from POS machines, JackPOS also has a basic Command & Control server-based backdoor, which lets JackPOS uninstall or update itself. Unlike most C&C Trojans that malware researchers have examined, JackPOS doesn't appear to have any functions for installing other threats, which makes its purpose particularly specialized.
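Because the disguise relies on Java-looking file names, one defensive check is to flag processes with those names that run from outside the real Java install directories. The sketch below is an added example, not part of the original write-up: the log format, host names, sample records and the list of trusted directories are all constructed assumptions.

```python
import ntpath  # Windows path rules, usable on any analysis host

# Executable names the write-up lists as JackPOS disguises.
WATCHED_NAMES = {"java.exe", "jse.exe"}

# Assumption: where this environment's genuine Java runtime is installed.
TRUSTED_DIRS = [r"C:\Program Files\Java", r"C:\Program Files (x86)\Java"]

# Constructed process-creation records: time|host|image path
SAMPLE_LOG = r"""
2014-02-14T09:12:01|POS-01|C:\Program Files\Java\jre7\bin\java.exe
2014-02-14T09:13:44|POS-02|C:\Users\cashier\AppData\Roaming\Java.exe
2014-02-14T09:15:10|POS-03|C:\Program Files\Java\..\..\Temp\jse.exe
2014-02-14T09:16:32|POS-03|C:\Program Files\JavaUpdate\JAVA.EXE
2014-02-14T09:17:05|POS-01|C:\Windows\System32\svchost.exe
"""

def _canon(path):
    # Collapse ".." segments and fold case: Windows paths are case-insensitive.
    return ntpath.normcase(ntpath.normpath(path.strip()))

def is_trusted(image, trusted_dirs=TRUSTED_DIRS):
    image = _canon(image)
    # The trailing separator stops "...\JavaUpdate" from matching "...\Java".
    return any(image.startswith(_canon(d) + "\\") for d in trusted_dirs)

def parse(log_text):
    # Yield one record per well-formed line; skip blanks and malformed rows.
    for line in log_text.splitlines():
        parts = line.strip().split("|")
        if len(parts) == 3:
            yield {"time": parts[0], "host": parts[1], "image": parts[2]}

def flag_masquerading(log_text):
    # Return records whose file name is watched but whose folder is not trusted.
    hits = []
    for ev in parse(log_text):
        name = ntpath.basename(_canon(ev["image"]))
        if name in WATCHED_NAMES and not is_trusted(ev["image"]):
            hits.append(ev)
    return hits

if __name__ == "__main__":
    for ev in flag_masquerading(SAMPLE_LOG):
        print(ev["time"], ev["host"], ev["image"])
```

A name-and-path rule like this only narrows the search; a hit still needs a hash or signature check before it is treated as an infection.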
Putting JackPOS Back in the Box
JackPOS does have memory dumping issues and a number of other, minor shortcomings that make it clear that JackPOS is far from the advanced, professionally-designed aesthetic of something like Trojan Zeus. However, JackPOS is perfectly capable of performing its intended function of stealing credit cards, and JackPOS already has proven itself – to the tune of thousands of credit cards from all over the world.
Businesses should maintain high security standards to protect their work machines from being compromised by JackPOS, which uses a process-injecting technique to keep itself hidden. Anti-malware protection, the proper separation of systems, restricted network access and the regulated use of removable devices all can play a part in preventing JackPOS from making headway into your workplace.
Victims of JackPOS's credit card thefts will be unable to tell of any issues until criminals already have made use of their cards. If you notice any unusual credit card bills, and, especially, happen to live in a city previously confirmed to be part of JackPOS attacks (such as Sao Paulo), you should contact your credit card company for further advice.