BlackPOS, also known as Kaptoxa, is a point-of-sale malware program designed to be installed in a point of sale (POS) system to scrape data from debit and credit cards.
[1][2] The BlackPOS program first surfaced in early 2013[3] and affected many Australian, American, and Canadian companies using point-of-sale systems, such as Target and Neiman Marcus.
[4] The original version of BlackPOS was sold on online black market forums by Taraspov, under the name "Dump Memory Grabber by Ree", for around $2000.
[7] BlackPOS only sends stolen information during business hours, to avoid raising suspicion by generating network traffic at unusual times.
Although credit and debit card information was compromised, Neiman Marcus issued a statement saying that Social Security Numbers and birthdates were not affected.