Kasidet POS Malware is a variant of Point of Sale (POS) Malware that performs DDoS attacks using Namecoin's Dot-Bit service to scrape payment card details. [1] [2] It is also known as Trojan.MWZLesson or Neutrino and was found in September 2015 by cyber security experts. [3] [4] It is a combination of BackDoor.Neutrino.50 and the POS malware. [5]
Kasidet POS Worm gets on a system along with the other malware or gets downloaded unknowingly when user visits malicious websites. [6] [7] This malware is different from other POS malware and it scrapes data with advanced features. [8] First it scrapes the POS RAM and steals payment card details. Then the scraped information is sent to the cyber criminal with intercepted GET and POST requests from the browser. [9] It's very difficult to detect this bot by using security programs; sometimes it's detectable in email spam campaigns and exploit kits. [10] The scraping capability of Kasidet has now been enhanced by the cyber criminals and it now hides C&C server in the Namecoin DNS Service Dot-Bit.