The VISA payment processing company, says that North American merchants who operate gas stations are exposed toa series of attacks of groups of cybercriminals seeking ddeploy malware on terminals point of sale (POS) in their networks.
How Malware Works at Gas Stations
In the two security alerts released in November and December, respectively, VISA said its security team intervened in at least five such incidents.
The credit card issuing company claimed that cybercrime groups carried out attacks with the primary purpose of gaining access to vendor networks of fuel, in order to install malware on point of sale terminals.
Point of sale malware works continuously scanning a computer's RAM for what looks like unencrypted payment card data, which collects and then uploads them to a remote server.
The VISA Payment Fraud Interruption (PFD) team argues that cybercrime groups should have found a weak point in the collection procedures that are used in gas stations.
Although many of the POS terminals of some merchants can support chip transactions, the Most card readers installed in gas pumps do not have this capability.
These credit card readers used by most gas stations still run on old technology it can only read the payment data from the card's magnetic stripe.
The data from these outdated card readers they are sent unencrypted to the main gas station network. This is where criminals have found they can intercept them.
In November 2019, VISA reported that it had registered violations in two fuel dispensers, Added to the three alerts that were added in December of this year, serve to highlight that cybercriminals found a new target and a new modus operandi.
As far as is known, the attacks started in the summer of the northern hemisphere and at least two of them are the responsibility of a group of known cybercriminals called FIN8.
Anyway, It does not appear to be a security breach that is very difficult to close.
VISA said that the easiest way for fuel vending companies to protect their customers is encryption of card data while being transferred over a network or stored in memory. The other option is change current terminals by other more modern that can read the chips of the cards.
There seems to be no doubt about which is the preferred option for VISA:
Fuel retailers should take note of this activity and deploy devices that support the chip whenever possible, as this will significantly reduce the likelihood of these attacks.
And this is more than just a suggestion.
Fuel dispenser operators they have until October 2020 for deploy chip-compatible card readers on their gas pumps. As of October 2020, VISA plans to shift responsibility for any card fraud from card issuers to merchants. There is no doubt that it is an excellent incentive for many operators to decide to update their credit card readers. Until then, many remain vulnerable to attack.
In the meantime, if you plan to travel by car in the United States, in addition to choosing the leaded or unleaded gas pump, you will have to go with the one that comes with or without malware.
And, because criminals are constantly finding new ways to steal our data, it is also worth checking our consumptions frequently on our credit card website. After all, as the great Andy Grove said
Only the paranoids survive.