Project Hook

Posted: May 16, 2014

Threat Metric

Ranking: 10,957
Threat Level: 1/10
Infected PCs: 2,663
First Seen: May 16, 2014
Last Seen: September 29, 2023
OS(es) Affected: Windows


Project Hook is a PoS Trojan that collects information from PCs used to process purchase transactions, with its attacks seen in both the United States and various parts of Europe throughout 2012-2014. As with many other spyware programs, Project Hook displays minimal symptoms while it targets and gathers data from the infected computer, and it is specialized for this purpose, although its code may also include additional, seemingly unused functions. Because its attacks target retailers specifically, malware researchers recommend that companies take proper security steps to block Project Hook's installation and inform their customers in the event of any suspected breach that could result in the fraudulent use of information.

Project Hook: a New Set of Trojan Hooks to Sink into Your Credit Cards

Project Hook is a Point-of-Sale Trojan that uses specialized functions for transferring data collected from business customers to ill-minded persons. Currently, Project Hook is being distributed on a rental model to third parties who pay an estimated one thousand dollar fee for the privilege of using its illicit functions. Like a similar POS Trojan, Dexter, Project Hook targets the Track 1 and Track 2 data on the magnetic stripes of credit (and debit) cards. This process includes reading directly from the memory of active processes to sort through the looted data, which is why Project Hook is also referred to as a RAM scraper or memory scraper.

Although its attacks are not inclined to display any visible side effects, Project Hook's low-key presence does not necessarily mean limited damage to the affected retailers. Like Dexter, Project Hook is currently one of the most widely used POS Trojans, and its campaigns have been known to infiltrate business POS computers for months at a time before being detected. In addition to collected data, Project Hook also provides basic statistics related to sales and a standardized interface for its 'clients' to use. Project Hook, while larger than most Trojans (due to what appears to be unused junk data included in its code), is still small enough to be transferred easily and rapidly through networks and peripheral devices.

Beating the Threat Hook that's Piercing Your Profits

Anti-malware solutions should always be used to uninstall Project Hook and other Trojans that have self-concealment as one of their priority functions. Using updated software, especially on PCs that perform crucial business functions, should also be considered an essentially mandatory defense against the exploits that could be used to distribute Project Hook. Since multiple persons use Project Hook in targeted attacks tailored for different companies throughout the world, the individual elements of a Project Hook attack may vary between incidents, particularly concerning how it is distributed. However, these targeted attacks may stem from poor e-mail, local network or USB device security.

Project Hook is an ongoing campaign, but it is hardly the only POS Trojan to threaten companies' customers by collecting their information en masse. Besides Dexter, which, in all three of its major variants, bears strong similarities to Project Hook, one might also note such Point-of-Sale threats as JackPOS, BlackPOS, POScardstealer, vSkimmer, Trojan.POSRAM (an apparent descendant of BlackPOS), Infostealer.Alina and Chewbacca. Businesses, including banks and shopping outlets, will need to continue to practice strong PC security if they want their customers to remain safe.