RawPOS (6ea1bf95-fed8-4b94-8071-aa19a3af5e34)
RawPOS is a point-of-sale (POS) malware family that searches for cardholder data on victim systems. It has been in use since at least 2008. [Kroll RawPOS Jan 2017] [TrendMicro RawPOS April 2015] [Visa RawPOS March 2015] FireEye divides RawPOS into three components: FIENDCRY, DUEBREW, and DRIFTWOOD. [Mandiant FIN5 GrrCON Oct 2016] [DarkReading FireEye FIN5 Oct 2015]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
RawPOS (6ea1bf95-fed8-4b94-8071-aa19a3af5e34) | Tidal Software | FIN5 (7902f5cc-d6a5-4a57-8d54-4c75e0c58b83) | Tidal Groups | 1 |