Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards

February 1, 2023

The Brazilian threat actors behind an advanced and modular point-of-sale (PoS) malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions.

Russian cybersecurity firm Kaspersky said it detected three versions of Prilex (06.03.8080, 06.03.8072, and 06.03.8070) that are capable of targeting NFC-enabled credit cards, taking its criminal scheme a notch higher.

Having evolved out of ATM-focused malware into PoS malware over the years since going operational in 2014, the threat actor steadily incorporated new features that are designed to facilitate credit card fraud, including a technique called GHOST transactions.


While contactless payments have taken off in a big way, in part due to the COVID-19 pandemic, the underlying motive behind the new functionality is to disable the feature so as to force the user to insert the card into the PIN pad.

To that end, the latest version of Prilex, which Kaspersky discovered in November 2022, has been found to implement a rule-based logic to determine whether or not to capture credit card information, alongside an option to block NFC-based transactions.


“This is due to the fact that NFC-based transactions usually produce a unique ID or card number valid for only one transaction,” researchers said.

Should such an NFC-based transaction be detected and blocked by the malware installed on the infected PoS terminal, the PIN pad reader displays a fake error message: “Contactless error, insert your card.”

This leads the victim to use their physical card by inserting it into the PIN pad reader, effectively allowing the threat actors to commit fraud. Another new feature added to the artifacts is the ability to filter credit cards by segments and craft rules tailored to those tiers.

“These rules can block NFC and capture card data only if the card is a Black/Infinite, Corporate or another tier with a high transaction limit, which is much more attractive than standard credit cards with a low balance/limit,” the researchers noted.

“Since transaction data generated during a contactless payment are useless from a cybercriminal’s perspective, it is understandable that Prilex needs to force victims to insert the card into the infected PoS terminal.”
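The forced fallback described above (a contactless attempt that errors out, followed by the card being inserted at the same terminal) is something a merchant or acquirer can look for in terminal logs. The sketch below is an added example, not code from Kaspersky or from this article; the event format, field values, time window and thresholds are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (hypothetical log format, not from the report):
# (terminal_id, ISO timestamp, entry_mode, outcome)
EVENTS = [
    ("T1", "2023-02-01T10:00:00", "contactless", "approved"),
    ("T1", "2023-02-01T10:05:00", "contactless", "error"),
    ("T1", "2023-02-01T10:05:40", "chip", "approved"),
    ("T1", "2023-02-01T10:09:00", "contactless", "approved"),
    ("T1", "2023-02-01T10:12:00", "contactless", "approved"),
    ("T1", "2023-02-01T10:15:00", "contactless", "approved"),
    ("T2", "2023-02-01T10:01:00", "contactless", "error"),
    ("T2", "2023-02-01T10:01:30", "chip", "approved"),
    ("T2", "2023-02-01T10:04:00", "contactless", "error"),
    ("T2", "2023-02-01T10:04:20", "chip", "approved"),
    ("T2", "2023-02-01T10:08:00", "contactless", "error"),
    ("T2", "2023-02-01T10:08:45", "chip", "approved"),
    ("T2", "2023-02-01T10:11:00", "contactless", "error"),
    ("T2", "2023-02-01T10:11:25", "chip", "approved"),
    ("T3", "2023-02-01T10:02:00", "contactless", "error"),
    ("T3", "2023-02-01T10:02:30", "chip", "approved"),
]

def fallback_rates(events, window=timedelta(seconds=90)):
    """Per terminal: (share of contactless attempts that errored and were
    followed by a chip insert within `window`, number of contactless attempts)."""
    by_terminal = defaultdict(list)
    for terminal, ts, mode, outcome in events:
        by_terminal[terminal].append((datetime.fromisoformat(ts), mode, outcome))
    rates = {}
    for terminal, evs in by_terminal.items():
        evs.sort()  # chronological order per terminal
        taps = forced = 0
        for i, (ts, mode, outcome) in enumerate(evs):
            if mode != "contactless":
                continue
            taps += 1
            nxt = evs[i + 1] if i + 1 < len(evs) else None
            if outcome == "error" and nxt and nxt[1] == "chip" and nxt[0] - ts <= window:
                forced += 1
        if taps:
            rates[terminal] = (forced / taps, taps)
    return rates

def suspicious_terminals(events, min_taps=4, threshold=0.5):
    """Terminals with enough contactless volume and a high forced-fallback rate."""
    rates = fallback_rates(events)
    return sorted(t for t, (rate, n) in rates.items() if n >= min_taps and rate >= threshold)
```

A high fallback rate is only a signal for review: a faulty NFC reader produces the same pattern, so flagged terminals need follow-up inspection rather than automatic action.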



Some parts of this article are sourced from:
thehackernews.com
