Point-of-sale malware: the dangers of using credit cards at gas stations in the US, Mexico and Canada

One of the main cybersecurity issues is the fast evolution and diversification of the methods used by malicious hackers, as new attack variants emerge at every moment that affect thousands of people around the world. An example of this behavior is provided by Visa, which has released a security alert warning its users about a hacker group that is infecting gas stations and pumps with a malware variant designed to steal payment card details.  

It seems that the Visa Cybersecurity and Fraud Prevention Team detected this activity over the last summer, identifying multiple attacks by sophisticated hacker groups. This campaign targeted point-of-sale systems in fuel dispensing retailers at multiple locations in the US, Mexico, and Canada.

One of the first incidents was detected in the US, where a company was the target of a phishing campaign. An employee received an email containing an attached link, and after clicking on it, the download of a Remote Access Trojan (RAT) that the hackers used to access the attacked network was triggered.

According to Visa cybersecurity team, after gaining access to the compromised point-of-sale network, hackers injected a sophisticated payment card data collection malware. Although in subsequent incidents detected Visa was unable to detect the way hackers accessed the gas pump, the reports show a mode of operation involving similar malware variants.

This is a much more sophisticated attack variant than the traditional installation of “skimming” devices in gas stations, as now threat actors resort to installing malware to gain access to the internal networks of these companies; it is important to note that Visa only detected the theft of magnetic stripe cards data.

As a recommendation, Visa cybersecurity team recommends that potentially affected companies transition their points of sale to chip-reading-based technology, as these devices significantly reduce the risk of theft of banking information.

A recent release by the research team of cybersecurity firm Tripwire Inc. mentions that the use of magnetic stripe-based technology for credit cards is still very common despite the existence of many other alternatives for years for the security of these means of payment, so it is necessary for card issuing companies to try to implement safer solutions.

Specialists from the International Institute of Cyber Security (IICS) agree with this position, as they believe that the technology used by these companies has been left behind from the requirements needed to maintain payment cards out of the reach of hackers.

To conclude, the specialized ZDNet platform believes that the use of magnetic stripe is coming to its end, as they anticipate that by the end of 2020 fuel dispensing companies will have completed the transition to the use of chip-reading technology and use of PINs to transact at these points of sale. In turn, Visa also urges merchants to update their systems and create a collaborative environment to prevent large-scale credit card fraud, protecting millions of users.