
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards

by crpt os


Feb 01, 2023 | Ravie Lakshmanan | Payment Security / Risk

The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions.

Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that are capable of targeting NFC-enabled credit cards, taking its criminal scheme a notch higher.

Having evolved out of ATM-focused malware into PoS malware over the years since going operational in 2014, the threat actor steadily incorporated new features that are designed to facilitate credit card fraud, including a technique called GHOST transactions.

While contactless payments have taken off in a big way, in part due to the COVID-19 pandemic, the underlying motive behind the new functionality is to disable the feature so as to force the user to insert the card into the PIN pad.

To that end, the latest version of Prilex, which Kaspersky discovered in November 2022, implements rule-based logic that decides whether or not to capture credit card information, alongside an option to block NFC-based transactions.


“This is due to the fact that NFC-based transactions often generate a unique ID or card number valid for only one transaction,” researchers said.

Should such an NFC-based transaction be detected and blocked by the malware installed on the infected PoS terminal, the PIN pad reader displays a fake error message: “Contactless error, insert your card.”

This leads the victim to use their physical card by inserting it into the PIN pad reader, effectively permitting the threat actors to commit fraud. Another new feature added to the artifacts is the ability to filter credit cards by segments and craft rules tailored to those tiers.

“These rules can block NFC and capture card data only if the card is a Black/Infinite, Corporate or another tier with a high transaction limit, which is much more attractive than standard credit cards with a low balance/limit,” the researchers noted.

“Since transaction data generated during a contactless payment are useless from a cybercriminal’s perspective, it is understandable that Prilex needs to force victims to insert the card into the infected PoS terminal.”
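The forced fallback described above (a contactless error followed by a chip insert on the same terminal) leaves a pattern a merchant or acquirer can look for in transaction telemetry. The following is an added example, not code from Kaspersky or the original article; the event fields, the 60-second window and the thresholds are assumptions, and because the rules can target only selected card tiers, a real threshold would be set against the fleet's own baseline.

```python
from collections import defaultdict

# Constructed sample events: (terminal_id, seconds_since_shift_start,
# entry_mode, outcome). Hypothetical schema, not a real PoS log format.
SAMPLE_EVENTS = [
    ("T1", 0, "contactless", "approved"), ("T1", 120, "contactless", "approved"),
    ("T1", 240, "contactless", "error"), ("T1", 600, "chip", "approved"),
    ("T1", 720, "contactless", "approved"), ("T1", 840, "contactless", "approved"),
    ("T2", 0, "contactless", "approved"), ("T2", 60, "contactless", "error"),
    ("T2", 80, "chip", "approved"), ("T2", 180, "contactless", "approved"),
    ("T2", 300, "contactless", "error"), ("T2", 315, "chip", "approved"),
    ("T2", 420, "contactless", "approved"),
    ("T3", 0, "contactless", "error"), ("T3", 10, "chip", "approved"),
    ("T3", 120, "contactless", "error"), ("T3", 150, "chip", "approved"),
]

def fallback_ratios(events, window_seconds=60):
    """Per terminal, return (forced, attempts, ratio): how many contactless
    attempts errored and were immediately followed by a chip insert."""
    by_terminal = defaultdict(list)
    for terminal, ts, mode, outcome in events:
        by_terminal[terminal].append((ts, mode, outcome))
    ratios = {}
    for terminal, rows in by_terminal.items():
        rows.sort(key=lambda row: row[0])
        attempts = forced = 0
        for i, (ts, mode, outcome) in enumerate(rows):
            if mode != "contactless":
                continue
            attempts += 1
            nxt = rows[i + 1] if i + 1 < len(rows) else None
            # Count only an error whose very next event is a chip read in time.
            if (outcome == "error" and nxt is not None
                    and nxt[1] == "chip" and nxt[0] - ts <= window_seconds):
                forced += 1
        if attempts:
            ratios[terminal] = (forced, attempts, forced / attempts)
    return ratios

def flag_terminals(events, min_attempts=4, threshold=0.25, window_seconds=60):
    """Terminals with enough contactless volume and a high forced-fallback ratio."""
    stats = fallback_ratios(events, window_seconds)
    return sorted(t for t, (_, attempts, ratio) in stats.items()
                  if attempts >= min_attempts and ratio >= threshold)
```

A flagged terminal is a lead for inspection, not proof of infection: a failing NFC antenna produces the same pattern.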
