Three new variants of the Prilex point-of-sale malware were discovered by Kaspersky researchers to have the capability of blocking NFC-enabled contactless credit card transactions to force targets to insert their credit card into the payment terminal and enable easier card data exfiltration, reports BleepingComputer.
Researchers also found that new filtering capabilities enabling data capture from certain card providers and tiers have also been added to the latest Prilex malware variants.
"These [filtering] rules can block NFC and capture card data only if the card is a Black/Infinite, Corporate or another tier with a high transaction limit, which is much more attractive than standard credit cards with a low balance/limit," said Kaspersky.
However, old techniques, including GHOST transaction attacks and cryptogram manipulation, are still being leveraged by Prilex operators upon data capture. Such an attack may be averted by avoiding payments on visibly tampered terminals, as well as validating transaction details during the whole process.