Memory-scraping malware

Last updated November 23, 2025

Memory-scraping malware or RAM Scrapping malware is a malware that scans the memory of digital devices, notably point-of-sale (POS) systems, to collect sensitive personal information, such as credit card numbers and personal identification numbers (PIN) for the purpose of exploitation.^[1]

Operation

The magnetic stripe of payment cards hold three different data tracks –Track 1, Track 2 and Track 3.^[2] The POS RAM scrapers were created to implement the use of expression matches to gain access and collect the Track 1 and Track 2 card data from the RAM process memory. Some RAM scrapers use the Luhn algorithm to check the validity of card data before exfiltration.^[3]

References

↑ "Memory Scraping Malware" . Retrieved 2015-02-12.
↑ "POS RAM Scraper Malware" . Retrieved 2015-11-18.
↑ "Exfiltration of Data with POS RAM Scraper Malware" (PDF). Retrieved November 29, 2017.

This malware-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Memory Scraping Malware" . Retrieved 2015-02-12.

[2] "POS RAM Scraper Malware" . Retrieved 2015-11-18.

[3] "Exfiltration of Data with POS RAM Scraper Malware" (PDF). Retrieved November 29, 2017.

[1]

[2]

[3]

Memory-scraping malware

Contents

Operation

See also

References