RawPOS continues to evolve , and has recently been equipped with the capability to steal Attack.Databreach data contained in the victims ’ driver ’ s license ’ s 2-dimensional barcode . “ Although the use of this barcode is less common than credit card swipes , it is not unheard of . Some people might experience getting their driver ’ s license barcode scanned in places like pharmacies , retail shops , bars , casinos and others establishments that require it , ” Trend Micro researchers explained . “ Traditionally , PoS threats Attack.Databreach look for credit card mag stripe data and use other components such as keyloggers and backdoors to get Attack.Databreach other valuable information . RawPOS attempts to gather Attack.Databreach both in one go , cleverly modifying the regex string to capture Attack.Databreach the needed data. ” This particular variant is geared towards collecting Attack.Databreach data from driver ’ s licenses issued in the US . Thus , along with payment card data , criminals also get Attack.Databreach information such as the victims ’ full name , date of birth , full address , gender , height , hair and eye color . This additional info could definitely help criminals impersonate the card holder in many identity theft scenarios , as well as while effecting fraudulent card-not-present transactions . RawPOS is one of the oldest known Point-of-Sale RAM scraper malware families . It ’ s first incarnation was spotted all the way back in 2009 . According to the researchers , it is mainly used by threat actors that focus on targeting businesses operating in the hospitality industry .