Carders started using the method of "cloning" bank cards with chips described in 2008.
Two weeks ago, Leigh-Anne Galloway, a specialist at the Cyber R&D Lab, presented the results of a study on the implementation of EMV cards by banks. The researcher obtained 11 EMV cards from a number of European, British, and American banks, and using tools similar to those used by carders, copied data from magnetic tapes and easily created versions of these cards, but without a chip.
The fact is that EMV cards also have a magnetic tape in case its holder ends up in a country where bank cards with chips are not supported. The possibility of creating "clones" of EMV cards equipped with magnetic tapes has been known since 2008, but this problem has ceased to be considered relevant, since it was assumed that banks would switch to cards only with chips, without magnetic tapes. Before magnetic tape cards are fully decommissioned, banks must conduct a range of security checks before approving inter-technology transactions. Since many banks do not carry out such verification, the problem known since 2008 is still relevant.
According to Galway, she managed to carry out legitimate transactions using four "clones" of real EMV cards equipped with magnetic tapes. Although the researcher reproached banks for not complying with security checks when approving transactions, two weeks ago this problem was still considered only theoretical.
Everything changed on Thursday, July 30, with the release of the Gemini Advisory report. According to experts, they found ads on cybercrime forums for the sale of EMV card data stolen, in particular, from customers of the American supermarket chain Key Food Stores Co-Operative and the Mega Package Store alcohol store.
Moreover, a notice issued this month by Visa confirms that cybercriminals are using EMV card data. According to the notification, malware for Alina POS, Dexter POS and TinyLoader PoS terminals has received new functions for stealing EMV card data. Previously, these malicious programs did not collect such information, because it could not be monetized. Now, however, things seem to be different.
According to Gemini Advisory experts, both of these facts (the appearance of EMV card data on sale on hacker forums and the Visa notification) indicate that carders have found a way to use EMV card data. Probably, cybercriminals armed themselves with the method described 12 years ago, used in the Galway study and called EMV-Bypass Cloning.
Blocking this type of fraud is easy, as banks only need to conduct more thorough checks when processing transactions from magnetic strips from cards that also have an EMV chip. According to a study by Cyber R&D Labs, some banks do this, and some do not.
Two weeks ago, Leigh-Anne Galloway, a specialist at the Cyber R&D Lab, presented the results of a study on the implementation of EMV cards by banks. The researcher obtained 11 EMV cards from a number of European, British, and American banks, and using tools similar to those used by carders, copied data from magnetic tapes and easily created versions of these cards, but without a chip.
The fact is that EMV cards also have a magnetic tape in case its holder ends up in a country where bank cards with chips are not supported. The possibility of creating "clones" of EMV cards equipped with magnetic tapes has been known since 2008, but this problem has ceased to be considered relevant, since it was assumed that banks would switch to cards only with chips, without magnetic tapes. Before magnetic tape cards are fully decommissioned, banks must conduct a range of security checks before approving inter-technology transactions. Since many banks do not carry out such verification, the problem known since 2008 is still relevant.
According to Galway, she managed to carry out legitimate transactions using four "clones" of real EMV cards equipped with magnetic tapes. Although the researcher reproached banks for not complying with security checks when approving transactions, two weeks ago this problem was still considered only theoretical.
Everything changed on Thursday, July 30, with the release of the Gemini Advisory report. According to experts, they found ads on cybercrime forums for the sale of EMV card data stolen, in particular, from customers of the American supermarket chain Key Food Stores Co-Operative and the Mega Package Store alcohol store.
Moreover, a notice issued this month by Visa confirms that cybercriminals are using EMV card data. According to the notification, malware for Alina POS, Dexter POS and TinyLoader PoS terminals has received new functions for stealing EMV card data. Previously, these malicious programs did not collect such information, because it could not be monetized. Now, however, things seem to be different.
According to Gemini Advisory experts, both of these facts (the appearance of EMV card data on sale on hacker forums and the Visa notification) indicate that carders have found a way to use EMV card data. Probably, cybercriminals armed themselves with the method described 12 years ago, used in the Galway study and called EMV-Bypass Cloning.
Blocking this type of fraud is easy, as banks only need to conduct more thorough checks when processing transactions from magnetic strips from cards that also have an EMV chip. According to a study by Cyber R&D Labs, some banks do this, and some do not.
