Date: 2023-02-18

Today, many people use contactless payment with their mobile phones to make purchases without having to touch anything in the store. However, there is a type of virus that can affect these types of payments and endanger our banking information.

This virus can infect the POS (point-of-sale) terminal so that NFC does not work, which forces us to use the physical card in the terminal. At that point, the card details are captured by the virus and sent to the hackers.

Hackers can infect a POS with this virus by posing as technicians from the company that manages the POS. Once inside the POS, the malware can begin to block contactless payments and steal customers’ credit card information.

If your card is rejected many times for contactless payment in the same establishment and you know that there are no balance problems, it is possible that it is a malware problem. Consumers should be aware of any unusual activity in their bank accounts and consider using other payment options. It would be good to notify the business as well, since it may not yet know that its POS is infected.

What virus is it?

This is Prilex, a type of malware that has been used by groups of cybercriminals to steal credit and debit card information.

This malware is known to specifically attack POS (point-of-sale) terminals and to use social engineering techniques to trick store employees into giving the attackers access to the POS. Once Prilex infects a POS, it can intercept customers’ bank card information.

Prilex has been identified primarily in Latin America, although it has been reported to have been used in other parts of the world as well. It is important to exercise caution when using contactless/NFC payments and to be alert to any unusual activity in our bank accounts to protect against malware and other types of financial fraud.

A bit of Prilex history

Prilex is specialized malware for stealing credit card information that has been active in Brazil since at least 2014. It uses a variety of techniques to compromise point-of-sale (PoS) systems and collect credit card transaction information. Initially, Prilex used replay attacks to exploit weaknesses in the EMV implementation in Brazil. As payment operators and card issuers corrected these weaknesses, Prilex evolved to use “phantom transaction” attacks to conduct fraudulent transactions using EMV cryptograms generated by victims’ cards.

Prilex also uses social engineering techniques to reach its goals. The attackers pose as support technicians and convince victims to download and install the malware on their PoS systems. The malware can then collect and transmit credit card information captured from the communications between the PoS software and the credit card reader.

The Prilex malware has constantly adapted to new technologies, which suggests that the group of attackers behind the malware is highly sophisticated and possesses advanced technical skills. The latest analysis also suggests that the malware is now being sold as a service, indicating further evolution of the group. In summary, Prilex is an example of how criminals are evolving their attack techniques to take advantage of weaknesses in the security of PoS systems and compromise users’ credit card information.

There is an extensive study on Prilex in this link.

How can a business protect itself from Prilex?

A business can take steps to protect itself from Prilex and other types of point-of-sale (POS) malware by implementing the following security measures:

– Keep POS systems updated with the latest patches and security updates.

– Use security solutions, such as antivirus and antimalware software, to detect and prevent attacks.

– Set up and use strong and unique passwords for POS systems.

– Limit access to POS systems to authorized employees only. This is very important, since in many of the identified cases it was unauthorized persons who infected the merchant’s POS.

– Use data encryption systems to protect customer credit and debit card data.

– Use payment processing services that comply with industry security standards, such as PCI DSS.

– Regularly monitor POS systems and transactions for any suspicious activity.

– Train employees on security risks and how to prevent attacks from malware, phishing and other cyber threats.

By implementing these measures, a business can reduce the risk of being attacked by Prilex or any other type of POS malware and protect its customers’ data.
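As an illustration of the monitoring step, the following added example (not part of the original article) scans a transaction log for the pattern described above: contactless attempts that fail on one terminal and are followed shortly by a chip payment with the same card. The log layout, field names, sample rows and thresholds are all assumptions made for this sketch.

```python
import csv
from collections import defaultdict
from datetime import datetime
from io import StringIO

# Constructed sample log (assumed columns: time, terminal, card token, entry mode, result).
SAMPLE_LOG = """\
2023-02-18T10:00:05,T-01,tok_a,contactless,approved
2023-02-18T10:03:10,T-01,tok_b,contactless,approved
2023-02-18T10:07:42,T-01,tok_c,contactless,declined
2023-02-18T10:09:00,T-01,tok_d,contactless,approved
2023-02-18T10:12:30,T-01,tok_e,chip,approved
2023-02-18T10:15:00,T-01,tok_f,contactless,approved
2023-02-18T10:01:00,T-02,tok_g,contactless,error
2023-02-18T10:01:40,T-02,tok_g,chip,approved
2023-02-18T10:05:00,T-02,tok_h,contactless,error
2023-02-18T10:05:35,T-02,tok_h,chip,approved
2023-02-18T10:09:10,T-02,tok_i,contactless,error
2023-02-18T10:09:50,T-02,tok_i,chip,approved
2023-02-18T10:14:00,T-02,tok_j,contactless,error
2023-02-18T10:20:00,T-02,tok_j,chip,approved
"""

def flag_terminals(log_text, window_s=120, min_taps=4, min_fail_rate=0.5):
    """Return {terminal: stats} for terminals whose contactless payments mostly
    fail and are followed by a chip payment with the same card (forced fallback)."""
    rows = sorted((datetime.fromisoformat(r[0]), *r[1:])
                  for r in csv.reader(StringIO(log_text)) if r)
    stats = defaultdict(lambda: {"taps": 0, "failed": 0, "fallbacks": 0})
    pending = {}  # (terminal, card) -> time of the last failed contactless attempt
    for ts, term, card, mode, result in rows:
        s = stats[term]
        if mode == "contactless":
            s["taps"] += 1
            if result == "approved":
                pending.pop((term, card), None)
            else:
                s["failed"] += 1
                pending[(term, card)] = ts
        elif mode == "chip":
            failed_at = pending.pop((term, card), None)
            if failed_at and (ts - failed_at).total_seconds() <= window_s:
                s["fallbacks"] += 1  # same card had to be inserted after a failed tap
    return {t: s for t, s in stats.items()
            if s["taps"] >= min_taps and s["fallbacks"] > 0
            and s["failed"] / s["taps"] >= min_fail_rate}

if __name__ == "__main__":
    for terminal, s in flag_terminals(SAMPLE_LOG).items():
        print(terminal, s)
```

A flagged terminal is a reason to inspect the device and its software, not proof of infection: a faulty NFC reader produces the same pattern.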