POS Malware Prilex Evolves into All-Inclusive Tool Suite

Prilex, one kind of malware which targets point-of-sale devices and characteristically steals payment card info or money from ATMs and retail companies in Brazil, currently functions like an all-inclusive tool suite which facilitates online crooks with theft of chip as well as PIN card database while develops fake plastic cards of their own.

It's been a worldwide practice to use 'smart' chip/PIN methodology for safeguarding payment cards since last 10 years, while it's becoming so popular that attackers find it very useful.

Understandably, the phony plastic cards function on literally all POS systems in Brazil because the EVM principle has been wrongly implemented that makes payment operators unable to carry out the necessary authentications vis-à-vis the existing data prior to approval of any transaction. Consequently, criminals get the opportunity for planting malevolent Java-based program designed to be one reconfigured CAP file, onto cards' chips that have been cloned that compels POS solutions for accepting by default the PIN authentication while evading all other authentication procedures. Scmagazineuk.com posted this, March 19, 2018.

There are 3 components in Prilex malware: one, which reconfigures POS device while records the info on payment cards; two, certain server with which the illegally acquired info is managed; three, certain user app with which the malware operator is able to see, make a copy or save data from the cards.

The above characteristic makes the malware most notable: the business model related to it enables taking into consideration every need of the user, especially the requirement for user interface which's friendly and uncomplicated.

Evidently, the malware's proliferation is via postal service, duping victimized entities into giving criminals their computer access to carry out some remote session and subsequently plant the malware. Usually, the victimized entities are supermarkets, gas stations as well as common retail markets in Brazil.

The chip/PIN methodology continues to be relatively new within certain regions of the globe. In USA, for e.g., not many people know the dangers related to fake credit cards along with their abuse.

As Prilex exploits erroneous enforcement of industry principles, the necessity for creating secure standards for future payment techniques is underscored.

» SPAMfighter News - 3/23/2018