POS malware evolves to target chip and PIN-protected cards

(Image credit: 3112014 / Pixabay)

As the adoption of chip and PIN-protected cards has spread globally over the last decade, cybercriminals have taken notice and adapted the Prilex point-of-sale (POS) malware to turn stolen credit card data into real functional plastic cards.

While monitoring financial cybercrime in Latin America, researchers at Kaspersky Lab discovered that the Prilex malware, which has been active since 2014, has evolved to target the latest security measures created by banks and credit card companies.

Originally, the malware was used to hack ATMs and POS systems created by Brazilian vendors. Cybercriminals have now taken things a step further by using the stolen credit card data acquired from these hacks to create functional plastic cards that can be used online or even in person.

Due to a faulty implementation of the EMV standard in Brazil that does not verify all of the data used in the approval process, these cloned cards work on any POS system in the country. 

The Prilex malware is made up of three parts: the malware used to modify a POS system to steal credit card information, a server where the stolen information is stored, and a user application that can view, clone and save card information. However, Kaspersky noted that this is the first time that cybercriminals have offered an all-in-one fraud package that even includes a simple and friendly user interface.

Thiago Marques, a security analyst at Kaspersky Lab, offered further details on how cybercriminals are utilising the Prilex malware in a completely new way, saying:

“We are dealing here with a completely new malware, one that offers attackers everything from a graphic user interface to well-designed modules that can be used to create different credit card structures. Chip and PIN technology is still relatively new in some parts of the world, such as the U.S., and people may lack awareness of the risk of credit card cloning and abuse. In Brazil, the evolved Prilex malware takes advantage of a faulty implementation of the industry standards – highlighting the importance of developing secure, future-proof standards for payment technologies.”

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.