A research team from IT security consultancy itrust have created a proof-of-concept malware that lets attackers gain access to smartcard readers attached to infected Windows PCs via the internet.
The attack happens when a smartcard reader is connected to the affected computer via USB.
The malware installs a driver onto the USB device that allows the attacker to access information on the victim's smartcard as if it were attached to their own PC.
The researchers, led by IT security consultant Paul Rascagneres, used the Belgian eID national electronic identity card and a selection of smartcards used by Belgian banks to test drive the malware prototype.
As with the British Chip and PIN credit and debit cards, most smartcards use a PIN or password as a secondary authentication method to enhance security.
However, the malware developed by the itrust team also contains a keylogger that can steal these credentials as unwitting users type them on their keyboard.
Victims are unlikely to be unaware they have been attacked until they suffer some kind of identity or financial fraud.
Rascagneres claims the attack is completely transparent to the user as they will not be prevented from using their card reader in the usual way.
Marcin Kleczynski, CEO of Malwarebytes told IT Pro: "The research is another clear indicator of the fact that intelligent malware can breach even the most seemingly watertight counter-measure."
"There has been a massive increase in the value of sensitive business data amongst the criminal underground, so breaches such as this, using new attack vectors, will only increase," Kleczynski added.
A full exposition of the development of the prototype and the threat this kind of malware poses will be delivered in a presentation by Rascagneres, entitled Smartcards Reloaded Remotely! at the upcoming MalCon security conference in New Dehli on 24 November.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
CronRat Magecart malware uses 31st February date to remain undetectedNews The malware allows for server-side payment skimming that bypasses browser security
-
Mekotio trojan continues to spread despite its operators’ arrestsNews Hackers have used it in 100 more attacks since arrests
-
“Trojan Source” hides flaws in source code from humansNews Organizations urged to take action to combat the new threat that could result in SolarWinds-style attacks
-
What is Emotet?In-depth A deep dive into one of the most infamous and prolific strains of malware
-
Fake AnyDesk Google ads deliver malwareNews Malware pushed through Google search results
-
Hackers use open source Microsoft dev platform to deliver trojansNews Microsoft's Build Engine is being used to deploy Remcos password-stealing malware
-
Android users told to be on high alert after Cerberus banking Trojan leaks to the dark webNews The source code for the authenticator-breaking malware is available for free on underground forums
-
Qbot malware surges into the top-ten most common business threats
News An evolved form of the banking Trojan was distributed by number one-ranking Emotet in a campaign that hit 5% of businesses globally
