Researcher reveals how malware remotely steal card PINs

Posted on November 18, 2012 09:34 pm

Author and penetration tester Paul Rascagneres has developed malware that he said would work on most USB smartcards. The researcher has developed malware capable of remotely stealing two factor PINs generated by USB smartcards.The malware was unique in that it used a driver to access the USB port and ship PINs stolen using a keylogger to a remote command and control server.Rascagneres is expected to present a proof of concept instance of the malware at a Malcon conference this month.According to Rascagneres,the driver is used to make the USB available over IP and to connect to a remote machine.Attackers could deliver the malware through classic vectors including malicious email attachments or exploit kits.

Users could mitigate the threat and others like it by using hardware keypad and via monitoring latency.Rascagneres however did not test the proof of concept on all providers because the malware shares the USB device in raw, we do not target any specific smartcard.In most instances it worked on every smartcard or USB device.The use of a driver to swipe smartcard tokens was unique, Rascagneres said, because existing malware had used the Windows application programming interface to steal PINs.

Contador Harrison