The PoS malware Prilex has recently gained the ability to block secure, NFC-enabled contactless credit card transactions, forcing customers to insert their cards, whose data the malware subsequently steals.
Contactless transactions use NFC (Near Field Communication) chips integrated into credit cards and mobile devices to make close-proximity payments with credit cards, cellphones, or even smartwatches.
Since the COVID-19 epidemic, their popularity has soared due to their convenience, with over $34.55 billion in contactless transactions being reported in 2021.
Because the use of NFC chips in credit cards has made it more difficult for point-of-sale (PoS) malware to collect credit card information, threat actors have had to come up with other ways to steal your payment information.
Kaspersky, which has been following the Prilex PoS malware closely, claims to have discovered at least three new variants, with the version codes 06.03.8070, 06.03.8072, and 06.03.8080, which were initially made available in November 2022.
These new variants include a feature that disables contactless transactions at payment terminals, requiring users to insert their cards instead.
Additionally, according to a September 2022 Kaspersky investigation, Prilex introduced EMV cryptogram generation to avoid transaction fraud detection and to perform “GHOST transactions” even when the card is protected by CHIP and PIN technology.