Honey ?! Where is my PoS ?

Botconf 2015
2023-04-28 | 17:20 – 17:50

Marc Doudiet 🗣

It doesn’t pass a month without a news about a new POS (point-of-sale) malware or credit card data breach. By nature, the details of this kind of breach cannot be public (banks, ongoing investigation, reputation, …). But what do we know really from POS malware ? Can we create groups of malware related to group of cyber criminals ? As we already do for standard malware, we need a honeypot for POS, so we can share publicly the TTP (techniques, tactics, and procedures) of POS cyber criminals.
The goal of this presentation is to explain how we can create a honeypot for POS with open source tools or custom scripts, and to show the results of 3 months of a running honeypot (samples, TTP, groups, …).

Slides Icon

Scroll to Top