LusyPOS Malware Detection

critical Nessus Plugin ID 80457


Nessus detected a malicious process on the remote host.


The remote host is running LusyPOS, a point-of-sale (POS) malware that uses memory scraping techniques and the Tor network to exfiltrate data.


Remove the infection or restore the system from a known set of good backups.

See Also

Plugin Details

Severity: Critical

ID: 80457

File Name: lusypos_detect.nbin

Version: 1.256

Type: remote

Family: Backdoors

Published: 1/12/2014

Updated: 2/22/2024

Asset Inventory: true

Hardware Inventory: true

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Vulnerability Publication Date: 12/1/2014