BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Prilex is back


    Contactless payment terminals use NFC chips. The same chips are built into bank cards and mobile devices that support this technology. They allow you to make payments without inserting a card into the terminal. Contactless payments are very convenient and have skyrocketed in popularity since the COVID-19 pandemic.

    The use of NFC chips also made it more difficult for attackers to steal bank card information with special malware. One of the popular malware for attacking payment terminals is Prilex. The malware was noticed for the first time back in 2014 and at first attacked only ATMs, and in 2016 it moved to PoS devices (Point-of-Sale), that is, payment terminals. In September, researchers began noticing Prilex attacks again after a long hiatus.

    On January 31, Kaspersky Lab announced that at least three new variants of Prilex have appeared, with version numbers 06.03.8070, 06.03.8072, and 06.03.8080. They were first released in November 2022.

    New versions of the malware independently detect whether NFC is being used for payments and automatically reject all contactless payments. A standard warning appears on the terminal that contactless payment cannot be made and you need to insert a card. This forces the victim to complete the transaction in the traditional way, which greatly simplifies the collection of card information through the payment terminal.

    Each NFC transaction generates a unique identifier that is valid for only one transaction. Therefore, even if such data is stolen, it will not give anything to scammers. However, Prilex uses a method of cryptogram manipulation and “ghost transaction” attacks, which allows hackers to make any transactions from a compromised card.

    Also, in the latest versions of malicious software, a new feature has appeared - the ability to filter unwanted cards. For example, the following condition must be met: card: credit, not debit; transaction limit: increased, etc. That is, the data of cards that do not meet the conditions will not be transferred to intruders. So they will not “run into” the limits and will be able to immediately “hit the jackpot”.

    To protect yourself from this and other manipulations of scammers, you should follow the standard security measures:

    • Refuse to pay at terminals with visible signs of hacking or non-working contactless payment. In such a place it is better to pay for the purchase in cash.
    • Always check the amount of final transactions with those indicated on the terminal display. And in case of discrepancy between the amounts or the appearance of unnecessary transactions, immediately report this to the bank support.
    • Refuse to use public Wi-Fi when logging into banking applications. Either mobile internet or VPN, if there is no other option.
    • Do not enter your PIN in front of others. Do not share your CVV code or SMS codes with anyone.

    And remember, don't panic even if the money has been stolen. The law is on your side: any card transaction can be challenged if there is enough evidence that you have become a victim of fraud.

    Author DeepWeb
    The largest darknet market InTheBox sells thousands of phishing forms "for a penny"
    Pro-Palestinian hackers threaten Israeli chemical companies and their employees

    Comments 0

    Add comment