Trusted Design

"KUHOOK" POINT OF SALE MALWARE

概要

Kuhook (from the ModPOS malware family) is a variation of malware targeting Point of Sale (POS) systems designed to run on Microsoft Windows. It utilizes keylogger and memory scraping/parsing functionality. The malware is suspected to be privately owned and used, meaning that it is not currently distributed through online criminal forums and therefore is not known to be widely available. To date, Visa has observed the malware on two previous occasions but we are not aware of any current victims of Kuhook at this time. However, we believe with high confidence the malware will be modified and used to target additional merchants and other entities processing payment card data.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

AbaddonPOS: A new point of sale threat linked to Vawtrak (score: 0.71)
NitlovePOS: Another New POS Malware (score: 0.71)
Unskal, Saluchtra, Dexter and IeEnablerCby (score: 0.69)
KRBanker Targets South Korea Through Adware and Exploit Kits (score: 0.65)
Attacking a POS Supply Chain (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

Winnti Group

Score: 3.29

Matched TTPs:

T1014 - Rootkit

MITREへのリンク →

APT41

Score: 7.71

Matched TTPs:

T1014 - Rootkit
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

Rocke

Score: 6.72

Matched TTPs:

T1014 - Rootkit
T1552.004 - Private Keys

MITREへのリンク →

TeamTNT

Score: 10.79

Matched TTPs:

T1014 - Rootkit
T1587.001 - Malware
T1608.001 - Upload Malware
T1552.004 - Private Keys

MITREへのリンク →

APT28

Score: 4.78

Matched TTPs:

T1014 - Rootkit
T1203 - Exploitation for Client Execution

MITREへのリンク →

UNC3886

Score: 11.92

Matched TTPs:

T1014 - Rootkit
T1587.001 - Malware
T1588.001 - Malware
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware

MITREへのリンク →

Kimsuky

Score: 7.69

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

Moonstone Sleet

Score: 9.52

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195.002 - Compromise Software Supply Chain
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 23.74

Matched TTPs:

T1587.001 - Malware
T1574.013 - KernelCallbackTable
T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1529 - System Shutdown/Reboot

MITREへのリンク →

Contagious Interview

Score: 9.34

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

OilRig

Score: 17.42

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

LuminousMoth

Score: 6.53

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Sandworm Team

Score: 12.34

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

Salt Typhoon

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

APT29

Score: 6.11

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Aoqin Dragon

Score: 3.59

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Turla

Score: 7.15

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1124 - System Time Discovery

MITREへのリンク →

Mustang Panda

Score: 12.44

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN7

Score: 9.59

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195.002 - Compromise Software Supply Chain
T1124 - System Time Discovery

MITREへのリンク →

TA2541

Score: 7.18

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Earth Lusca

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

LazyScripter

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Threat Group-3390

Score: 6.39

Matched TTPs:

T1608.001 - Upload Malware
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA505

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

BITTER

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 6.21

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT42

Score: 8.34

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

Ember Bear

Score: 7.80

Matched TTPs:

T1195 - Supply Chain Compromise
T1588.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

Akira

Score: 4.54

Matched TTPs:

T1558 - Steal or Forge Kerberos Tickets

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1659 - Content Injection

MITREへのリンク →

Scattered Spider

Score: 10.03

Matched TTPs:

T1552.004 - Private Keys
T1588.001 - Malware
T1556.009 - Conditional Access Policies

MITREへのリンク →

Storm-0501

Score: 7.57

Matched TTPs:

T1552.004 - Private Keys
T1556.009 - Conditional Access Policies

MITREへのリンク →

Volt Typhoon

Score: 6.03

Matched TTPs:

T1552.004 - Private Keys
T1124 - System Time Discovery

MITREへのリンク →

LAPSUS$

Score: 6.08

Matched TTPs:

T1588.001 - Malware
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

Andariel

Score: 3.95

Matched TTPs:

T1588.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

Cobalt Group

Score: 7.17

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Dragonfly

Score: 4.42

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Axiom

Score: 6.03

Matched TTPs:

T1203 - Exploitation for Client Execution
T1001.002 - Steganography

MITREへのリンク →

Higaisa

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

APT37

Score: 5.12

Matched TTPs:

T1203 - Exploitation for Client Execution
T1529 - System Shutdown/Reboot

MITREへのリンク →

BRONZE BUTLER

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Tropic Trooper

Score: 4.24

Matched TTPs:

T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Darkhotel

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

APT33

Score: 4.24

Matched TTPs:

T1203 - Exploitation for Client Execution
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Medusa Group

Score: 10.91

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1650 - Acquire Access
T1529 - System Shutdown/Reboot

MITREへのリンク →

FIN6

Score: 8.02

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

FIN8

Score: 5.49

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

MITREへのリンク →

Chimera

Score: 6.21

Matched TTPs:

T1111 - Multi-Factor Authentication Interception
T1124 - System Time Discovery

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

APT38

Score: 8.16

Matched TTPs:

T1036.006 - Space after Filename
T1529 - System Shutdown/Reboot

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Blue Mockingbird

Score: 4.54

Matched TTPs:

T1574.012 - COR_PROFILER

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.78

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1587.001 - Malware
T1566.003 - Spearphishing via Service
T1124 - System Time Discovery
T1529 - System Shutdown/Reboot
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1574.013 - KernelCallbackTable
T1203 - Exploitation for Client Execution

MITREへのリンク →

OilRig

Score: 0.60

Matched TTPs:

T1587.001 - Malware
T1195 - Supply Chain Compromise
T1566.003 - Spearphishing via Service
T1573.002 - Asymmetric Cryptography
T1608.001 - Upload Malware
T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
T1203 - Exploitation for Client Execution

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る