Theoretical Technique To Abuse EMV Cards Detected Used In The Real World
Two weeks ago, ZDNet reported on the results of a very interesting experiment that analyzed how banks implemented EMV (chip) cards on their networks.
In the experiment, researchers from Cyber R&D Lab signed up for EMV (chip) cards at 11 banks from the US, the UK, and the EU.
The research team then used tools similar to the ones used by criminal gangs to copy the information stored on EMV cards and their magnetic stripes.
Researchers took the data from the EMV card and created a magnetic stripe version of the same card, but without the actual chip.
This is possible because all EMV cards also come with a magnetic stripe, for fallback purposes, in case the user travels abroad to non-EMV countries, or has to use an older point-of-sale terminal.
The fact that you could create a magstripe version from EMV cards has been known since 2008; however, fears that it could be abused have been dismissed, as banks expected to move all users to EMV cards and eliminate magstripe cards from the market altogether.
But until that happened and all magstripe versions were removed, banks were supposed to follow a series of security checks before approving inter-technology payments.
This hasn't happened, however, and the loophole first described in 2008 has remained. Case in point, the Cyber R&D Labs experiment, during which researchers said they were able to make valid transactions using four of the EMV-to-magstripe cloned cards.
Researchers blamed banks for failing to follow security checks when approving transactions. However, two weeks ago, the issue was thought to have remained a theoretical problem only.
More than a theoretical threat
But in a report published yesterday, security firm Gemini Advisory said it tracked down two instances on cybercrime forums where hackers had collected EMV card data and were offering it for sale.
This included EMV card data stolen from US supermarket chain Key Food Stores Co-Operative Inc. and US wine and liquor store Mega Package Store, Gemini said.
Furthermore, a Visa alert [PDF] sent out this month also seems to confirm that criminals are now targeting EMV card data. Visa said that POS malware strains like Alina POS, Dexter POS, and TinyLoader had been updated to collect EMV card data, something they hadn't done before, primarily because the data couldn't be monetized.
Gemini says that both of these incidents -- the ads posted on cybercrime forums and the Visa alert -- suggest that hackers have figured out they could abuse EMV card data.
Gemini now believes that the method criminals are using is the one described many years ago, and the subject of Cyber R&D Labs' recent research -- a method they named EMV-Bypass Cloning.
Blocking this type of fraud should be easy, though, as banks only need to implement more thorough checks when processing magstripe transactions from cards previously associated with EMV technology.
As the Cyber R&D Labs research showed, some banks do, but some do not.
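The following is an added example, not taken from the article, Gemini Advisory, or any bank's actual rule set: a sketch of one issuer-side check of the kind described above, which flags magstripe-read transactions on cards the issuer knows were issued with a chip. The `txn` field names and the three outcomes are hypothetical; the service-code digits follow ISO/IEC 7813 and the entry-mode values are those commonly used in ISO 8583 field 22, so confirm them against your network's specification.

```python
import re

# Track 2 (ISO/IEC 7813): ;PAN=YYMM, 3-digit service code, discretionary data, ?
TRACK2 = re.compile(r"^;?(?P<pan>\d{12,19})=(?P<exp>\d{4})(?P<svc>\d{3})\d*\??$")
CHIP_SERVICE_DIGITS = {"2", "6"}   # first service-code digit: card carries a chip
MAGSTRIPE_MODES = {"02", "90"}     # PAN entry mode: magnetic stripe read
FALLBACK_MODE = "80"               # chip could not be read, stripe used instead
# Constructed sample built on a well-known test PAN; not real card data.
SAMPLE_TRACK2 = ";4111111111111111=30122010000000000?"


def parse_track2(track2):
    """Return (pan, expiry, service_code) or raise ValueError if malformed."""
    m = TRACK2.match(track2.strip())
    if not m:
        raise ValueError("malformed Track 2 data")
    return m["pan"], m["exp"], m["svc"]


def assess(txn, issued_with_chip):
    """Classify one authorization request as 'pass', 'review' or 'decline'.

    txn (hypothetical layout): 'track2', 'entry_mode' (first two digits of
    field 22) and 'terminal_chip_capable'. issued_with_chip is the issuer's
    own record for the card, independent of anything the terminal sent.
    """
    mode = txn["entry_mode"]
    if mode not in MAGSTRIPE_MODES and mode != FALLBACK_MODE:
        return "pass", "not a magstripe transaction; other controls apply"
    try:
        _, _, svc = parse_track2(txn["track2"])
    except ValueError as exc:
        return "decline", str(exc)
    stripe_says_chip = svc[0] in CHIP_SERVICE_DIGITS
    if stripe_says_chip != issued_with_chip:
        return "decline", "service code disagrees with issuer card record"
    if not issued_with_chip:
        return "pass", "magstripe-only card"
    if mode == FALLBACK_MODE:
        return "review", "chip fallback on an EMV card"
    if txn["terminal_chip_capable"]:
        return "decline", "EMV card swiped at a chip-capable terminal"
    return "review", "EMV card swiped at a magstripe-only terminal"


if __name__ == "__main__":
    txn = {"track2": SAMPLE_TRACK2, "entry_mode": "90", "terminal_chip_capable": True}
    print(assess(txn, issued_with_chip=True))
```

The "review" outcomes cover the legitimate fallback cases the article mentions, such as older point-of-sale terminals and non-EMV countries, where an issuer would apply further scrutiny rather than decline outright.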