Please wait, loading...
If you thought chip and pin cards were foolproof, you might have to reconsider it.
The modified POS Malware software from PrilexTeam has evolved to break through these supposedly ‘infallible security measures’. It steals confidential credit and debit card data which you will be able to turn the dumps into functional money cards. Here’s more details on the same.
Prior to the inclusion of ‘smart’ chips on credit and debit cards, the mag stripe on the back of a plastic card was a common site. It stored important card payment data, which was verified before authenticating a payment. However, the magnetic stripe soon became infamous for its growing vulnerability to cyber attacks. They were easy to clone and replicate.
Magnetic stripes were soon replaced with EMV chips to beef up security. With features such as data storage on chips and generation of unique transaction codes, they were believed to be immune to card skimming and cloning. But not so soon. Cyber criminals have evolved their strategies making EMV cards their new target.
The latest offering from Prilex is a point of sale Malware capable of launching attacks on POS and retrieve Dumps and Pins (EMV) . To add, it can create functioning, fake payment cards as an option.
This POS skimmer software is made of three components:
As per the evidence, the malware is circulated via a traditional system. Potential victims are tricked into providing criminals remote control and access to their computer systems. This is how PrilexTeam is able too install malware to the system.
This interception over a wireless network has been made possible due to a loophole in the implementation of the EMV Principle in Brazil. It affects the ability to complete the verification of data generally conducted prior to approving a transaction. Cloning cards involves transferring a malicious Java-based applet disguised as modified CAP files to the fake card’s chip. Thus, point of sale systems automatically validates the PIN and overlook other verification processes.
The payment card data thus stolen is packaged and sold online as dumps in the underground market. Customers receive yet another client application tool “Daphne” to clone cards. They also receive access to an extensive database of card numbers. The data is written to smart cards via GPShell Scripts.
The duplicate cards thus created can be used to complete a transaction on any point of sale system. It could be online or offline. The cards can be used at any POS. The modules are designed such that they help create credit cards of various types and formats. The data theft includes stealing both Chip and PIN data.
Introduced for the first time in 2014, the POS malware software was earlier only used to steal payment card information from ATMs and retailers. Yet another reason for the popularity of this POS skimmer for sale by Prilex is the easy of use. It has a simple and highly intuitive user interface. Not just that, it is an all-inclusive, end-to-end credit card skimmer pos that one can use to commit fraud hassle-free.