Virus can block approximation payments to clone cards

Virus can block approximation payments to clone cards

A new virus for points of sale is capable of manipulating the system of credit card machines to block payments by approximation, forcing the customer to insert the plastic so that their data can be captured. In three variants, the Prilex malware would have been operating at least since November last year and would have claimed victims in Brazil.

  • The 4 most feared cyberattacks by e-commerce
  • 3 online shopping safety factors unknown to consumers

The eponymous gang is already well known in the field of attacks against banking and payment systems, having developed exploit tools for ATMs and sales terminals. In a new report issued by the security company Kaspersky, the new versions of Prilex are described as the most advanced so far, having their own encryption systems and the ability to carry out fraudulent transactions.

Even cards protected with advanced technologies can be susceptible to exploitation, which displays a false error message on the payment terminal screen. Believing to be facing something common, both the shopkeeper and the consumer should not see a problem in using plastic in the traditional way, which causes the transaction data, password and other elements to be captured for later use by the scammers.

Prilex also has resources for customizing attacks, in order to reach only high-end customers, with Black or Infinite cards, or certain flags. The malware can also attack only those plastics with higher thresholds, which are of additional interest to the scammer for the greater possibility of financial gain. Meanwhile, behind the scenes, the pest is also able to block system updates and even uninstall newer versions in favor of older ones, with possible vulnerabilities.

Kaspersky’s report does not talk about the malware’s entry vector on terminals — attacks of this type are usually the result of direct agents, who disguise themselves as maintenance workers to perform false updates. With that also comes the idea of ​​malware that is sold on demand, so local criminals can carry out their attacks wherever they want.

The security company also warns of the risk involved in attacks, especially in view of the explosion in payments by approximation during the covid-19 pandemic. With a segment that moved US$ 34.5 billion (R$ 175.5 billion) in 2021 and is estimated to grow by 20% each year, there is ample room for criminals to make victims and defraud both shopkeepers and consumers.

Source: Kaspersky