Memory-scraping malware is malware that scans the memory of digital devices, notably point-of-sale (POS) systems, to collect sensitive personal information, such as credit card numbers and personal identification numbers (PIN) for the purpose of exploitation.
Operation
The magnetic stripe of payment cards hold three different data tracks – Track 1, Track 2 and Track 3. The POS RAM scrapers were created to implement the use of expression matches to gain access and collect the Track 1 and Track 2 card data from the RAM process memory. RAM scrapers also use Luhn algorithm to reach access and ex-filtrate victim's card data.
References
Memory-scraping malware Wikipedia(Text) CC BY-SA