Security News > 2023 > January > PoS malware can block contactless payments to steal credit cards
New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware.
On a payment terminal, contactless transactions use NFC chips embedded in credit cards and mobile devices to conduct close-proximity payments via credit cards, smartphones, or even smartwatches.
Using NFC chips in credit cards has made it harder for point of sale malware to steal credit card information, causing threat actors to develop new methods to steal your payment information.
These new variants introduce a new feature that prevents payment terminals from accepting contactless transactions, forcing customers to insert their cards.
The malware uses a rule-based file to determine if it should block a transaction based on whether it has detected the use of NFC. Prilex's operators block NFC transactions because those generate a unique ID or card number that's only valid for a single transaction, so if that data is stolen, it wouldn't be helpful for the crooks.
"These [filtering] rules can block NFC and capture card data only if the card is a Black/Infinite, Corporate or another tier with a high transaction limit, which is much more attractive than standard credit cards with a low balance/limit," explains Kaspersky in the report.