Prilex, a new malware that can block contactless near-field transactions on hacked points of sale (POS) terminals, has been uncovered by international cybersecurity firm Kaspersky.
According to Kaspersky, the malware in turn forces customers to use their physical credit cards, enabling cybercriminals to steal money.
While Prilex and the scam are currently most active in Latin America, the cybersecurity firm warned that the expansion into Africa, the Middle East, and Turkey was possible in the foreseeable future.
Prilex is now the most advanced threat to POS systems, having evolved from previous malware targeting ATMs.
It can perform credit card fraud even on cards that are protected with purportedly unhackable chips or PIN technology.
Kaspersky says it has uncovered three new modifications that now block contactless payment transactions, which became very popular during and after the pandemic.
“Contactless payment systems such as credit and debit cards, key fobs, and other smart devices, including mobile devices, have traditionally featured radio-frequency identification (RFID),” said the firm.
“More recently, Samsung Pay, Apple Pay, Google Pay, Fitbit Pay and mobile bank applications have implemented near-field communication (NFC) technologies to support secure contactless transactions.”
According to Kaspersky, contactless credit cards offer a convenient and secure way to make payments without the need to physically touch, insert or swipe the card.
However, the malware blocks such transactions by using a rule-based file that specifies whether or not to capture credit card information and includes an option to block NFC-based transactions.
NFC-based transactions generate a unique card number that is valid for only one transaction. If Prilex detects an NFC-based transaction and blocks it, the PIN pad shows the message “Error, insert card.”
The cybercriminals aim to force victims to insert their physical card into the PIN pad reader so that the malware can capture data from the transaction.
The new malware also picks up what type of bank account a card is connected to and whether or not it has a high transaction limit.
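The blocking behaviour described above leaves a visible pattern on an affected terminal: contactless attempts that fail and are followed shortly afterwards by a card insert. The following is an added example, not code from Kaspersky or from the original article, showing how a merchant or acquirer could flag terminals with an unusually high rate of such forced fallbacks; the log format, field values, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample POS log: (terminal, ISO time, entry mode, result).
# Field names and values are assumptions, not a real vendor format.
SAMPLE_LOG = [
    ("T-01", "2023-02-01T10:00:05", "contactless", "approved"),
    ("T-01", "2023-02-01T10:03:10", "contactless", "approved"),
    ("T-01", "2023-02-01T10:07:42", "contactless", "error"),
    ("T-01", "2023-02-01T10:08:01", "chip", "approved"),
    ("T-01", "2023-02-01T10:12:30", "contactless", "approved"),
    ("T-02", "2023-02-01T10:01:00", "contactless", "error"),
    ("T-02", "2023-02-01T10:01:25", "chip", "approved"),
    ("T-02", "2023-02-01T10:04:00", "contactless", "error"),
    ("T-02", "2023-02-01T10:04:20", "chip", "approved"),
    ("T-02", "2023-02-01T10:09:00", "contactless", "error"),
    ("T-02", "2023-02-01T10:09:31", "chip", "approved"),
    ("T-02", "2023-02-01T10:15:00", "contactless", "error"),
    ("T-02", "2023-02-01T10:20:00", "chip", "approved"),  # too late to pair
]

def fallback_stats(log, window_s=60):
    """Per terminal: contactless attempts and forced fallbacks (a contactless
    error followed by a chip insert on the same terminal within window_s)."""
    by_terminal = defaultdict(list)
    for terminal, ts, mode, result in log:
        by_terminal[terminal].append((datetime.fromisoformat(ts), mode, result))
    stats = {}
    for terminal, events in by_terminal.items():
        events.sort(key=lambda e: e[0])
        attempts = fallbacks = 0
        pending = None  # time of the last unpaired contactless error
        for when, mode, result in events:
            if mode == "contactless":
                attempts += 1
                pending = when if result == "error" else None
            elif mode == "chip" and pending is not None:
                if when - pending <= timedelta(seconds=window_s):
                    fallbacks += 1
                pending = None
        stats[terminal] = (attempts, fallbacks)
    return stats

def flag_terminals(log, min_attempts=4, max_ratio=0.5, window_s=60):
    """Terminals whose forced-fallback ratio exceeds max_ratio."""
    return sorted(t for t, (a, f) in fallback_stats(log, window_s).items()
                  if a >= min_attempts and f / a > max_ratio)
```

A flagged terminal is a candidate for inspection rather than proof of infection, since a faulty NFC reader produces the same pattern.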
Kaspersky said that during the 2016 Rio carnival, a bad actor cloned more than 28,000 credit cards and drained over 1,000 ATMs in Brazil’s banks.
The same method was also used in Germany three years later when a criminal gang cloned Mastercard debit cards issued by German bank OLB and withdrew more than €1.5 million from around 2,000 customers.