{"id":108569,"date":"2023-01-31T08:00:41","date_gmt":"2023-01-31T08:00:41","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/securelist\/?p=108569"},"modified":"2023-02-06T14:57:03","modified_gmt":"2023-02-06T14:57:03","slug":"prilex-modification-now-targeting-contactless-credit-card-transactions","status":"publish","type":"post","link":"https:\/\/securelist.com\/prilex-modification-now-targeting-contactless-credit-card-transactions\/108569\/","title":{"rendered":"Prilex modification now targeting contactless credit card transactions"},"content":{"rendered":"

Prilex is a singular threat actor that has evolved from ATM-focused malware into unique modular PoS malware\u2014actually, the most advanced PoS threat we have seen so far, as described<\/a> in a previous article. Forget about those old memory scrapers seen in PoS attacks. Prilex goes beyond these, and it has evolved very differently. This is highly advanced malware adopting a unique cryptographic scheme, doing real-time patching in target software, forcing protocol downgrades, manipulating cryptograms, doing GHOST transactions<\/a> and performing credit card fraud\u2014even on cards protected with the so-called unhackable CHIP and PIN technology. And now, Prilex has gone even further.<\/p>\n

A frequently asked question about this threat was whether Prilex was able to capture data coming from NFC-enabled credit cards. During a recent incident response for a customer hit by Prilex, we were able to uncover three new Prilex versions capable of blocking contactless payment transactions<\/strong>, which became very popular during the pandemic.<\/p>\n

This blog post covers the NFC-related capabilities of recent Prilex modifications.<\/p>\n

Tap-to-pay<\/h2>\n

Contactless payment systems are composed of credit and debit cards, key fobs, smart cards, or other devices, including smartphones and other mobile devices that use radio-frequency identification (RFID) or near-field communication (NFC, implemented in Samsung Pay, Apple Pay, Google Pay, Fitbit Pay, or any bank mobile application that supports contactless) for making secure payments.<\/p>\n

The embedded integrated circuit chip and antenna enable consumers to pay by waving their card, fob, or handheld device over a reader at a point-of-sale terminal. Contactless payments are made in close physical proximity, unlike other types of mobile payments that use broad-area cellular or WiFi networks and do not require close physical proximity.<\/p>\n

Different ways of tap-to-pay, but only one technology: NFC<\/em><\/strong><\/p>\n

Here is how they work:<\/p>\n