Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 17:05:41 UTC
Home > List all groups > List all tools > List all groups using tool TreasureHunter
 Tool: TreasureHunter
Names
TreasureHunter
TREASUREHUNT
huntpos
Category Malware
Type POS malware, Credential stealer
Description
(FireEye) In this article we examine TREASUREHUNT, POS malware that appears to have been
custom-built for the operations of a particular “dump shop,” which sells stolen credit card data.
TREASUREHUNT enumerates running processes, extracts payment card information from
memory, and then transmits this information to a command and control server.
Information
Malpedia AlienVault OTX Last change to this tool card: 18 November 2022
Download this tool card in JSON format
All groups using tool TreasureHunter
Changed Name Country Observed
Unknown groups
 _[ Interesting malware not linked to an actor yet ]_
1 group listed (0 APT, 0 other, 1 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fe027e13-3f88-49f6-8b42-2f435b61edc0
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fe027e13-3f88-49f6-8b42-2f435b61edc0
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fe027e13-3f88-49f6-8b42-2f435b61edc0
Page 2 of 2

Unknown groups _[ Interesting malware not linked to an actor yet ]_
1 group listed (0 APT, 0 other, 1 unknown) 
   Page 1 of 2