ModPipe malware decrypts Oracle database passwords

A new malware named ModPipe that is targeting Oracle Micros Hospitality RES 3700 point-of-sale systems has been discovered recently.

ModPipe is a backdoor that steals passwords for the PoS system databases by decrypting them from Windows registry values. ModPipe uses a modular architecture to extend its feature through its components.

Researchers at ESET found several basic ModPipe components - GetMicInfo - steals database passwords, ModScan - runs scans on specified addresses, and ProcList - enumerates running processes and their modules.


Read More

Got Something To Say?

Your email address will not be published. Required fields are marked *