NeoPocket is an information stealer malware that specifically target ATM machines built by Diebold. Unlike common ATM malware that steal cash, it did only reconnaissance and log traffic. It steals ATM transaction data using a manin-the-middle (MitM) attack and keylogs user input from specific application windows. This stolen data was then sold in deep web markets for use in creating counterfeit payment cards and carrying out fraudulent fund transfers out of victim's accounts. Because no cash was stolen it remain undetected for a long time.
NeoPocket Malware Signatures
Family: Trojan:Win32/Casur.A!cl
MD5: 1a6a240d2d03eb2c66c17a6593d4b6d2
SHA256: 85652bbd0379d73395102edc299c892f21a4bba3378aa3b0aaea9b1130022bdd
NeoPocket Malware Download
