Researchers from Arbor Network have recently discovered a new variant of the Zeus malware. The point-of-sales Soraya malware has some similarities to the older Dexter malware, which infects PoS systems.
The Dexter malware is known for it’s memory scraping functionality.
Soraya has the ability to steal payment card information from memory and then sends that data off to a remote C2 server.
Online Soraya malware
On the Web side, Soraya can grab payment card data from forms as they’re submitted to sites, something that the Zeus malware family has perfected over the years. The combination of the PoS memory scraping functionality and the form-grabbing feature makes Soraya something new on the malware landscape, Bing said.
The origin of the Soraya malware
The name Soraya is a Persian female name. It may refer to:
Soraya Tarzi (Wife of King Amanullah Khan of Afghanistan)
Soraya Esfandiary-Bakhtiari (Second wife of Mohammed Reza Pahlavi of Iran) also know as Queen Soraya