Criminals have stolen more than €1.5 million ($1.65 million) from a German bank by cloning customer debit cards and then cashing out user funds across Brazil, despite the original cards being protected by EMV (chip-and-PIN) technology.
Manuel Pintag, a cybersecurity analyst and banking fraud expert for Telefonica, told ZDNet that Brazil and Mexico are "the largest EMV card cloning laboratories."
Local criminals often advertise tools to aid in the creation of fully functional clones for EMV cards.
To clone a modern chip-and-PIN card, Pintag told ZDNet that all criminals need is a copy of a legitimate EMV card's magnetic strip.
To obtain such information, criminals often rely on card sniffing devices installed on ATMs or POS terminals, which are also suspected as the primary sources for the debit cards used in the recent OLB incident.
As Kaspersky pointed out in its 2018 report, a valid PIN isn't always even needed, with some cloned cards working with any random PIN entered in a POS or ATM terminal.
In a statement sent to ZDNet, Mastercard said it is still investigating the incident, but the payments processor was able to shoot down some rumors.
"We can confirm that neither Mastercard's network or the EMV technology were compromised," a Mastercard spokesperson said. "Nor has any account or card data been hacked either at Mastercard, OLB or at a third party. This issue derived from a scam involving organized cybercrime using counterfeit cards and terminals."
For the past few years, detecting withdrawals from cloned EMV cards has been a problem for banks around the world.
As Pintag told ZDNet, the easiest way is to monitor for the location and time of financial transactions. Often, fraudulent transactions are mixed with legitimate ones, in two countries at the same time, which Pintag said is a good indicator that card fraud is happening.
Article updated 15 minutes after publication with statement from Mastercard.
These are the worst hacks, cyberattacks, and data breaches of 2019 (so far)