Prilex is an interesting ATM malware fully developed by Brazilian cyber criminals. The criminals behind Prilex are also responsible for the development of several PoS malware, allowing them to target both ATM and PoS markets. It is designed specifically to attack Brazilian Bank and is written in Visual Basic 6.0 (VB6), it is specifically designed to hijack a banking application and steal information from ATM users. Traditionally ATM Malware exploit XFS library to disrupts normal behavior of the machine, however Prilex uses specified vendor's libraries, which might have been leaked by an insider or an inside machine was compromised too.
Once the malware is running it has the capability of dispensing money from the sockets by using a special window which is activated by using a specific key combination. There is also a component which reads and collects data from the magnetic stripe of the cards used it ATMs infected with Prilex. All information is stored in a locally saved file.
Prilex ATM Malware Signatures
Family: Trojan:Win32/Tiggre!rfn
MD5: c19913e42d5ce13afd1df05593d72634
SHA256: d10a0e0621a164fad0d7f3690b5d63ecb9561e5ad30a66f353a98395b774384e
Prilex ATM Malware Download
