ACG-CYBER SECURITY BULLETIN NO 142 UNDERSTANDING THE RISK OF POINT-OF-SALE (POS) PRILEX TROJAN

The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided was classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.

SUMMARY

Prilex is a severe threat, detected as a trojan, that can cause serious damage to an infected computer system. Once installed on a machine, it starts a series of malicious activities that use high CPU resources and slow the compromised machine; the system runs very slowly and often becomes unresponsive. The threat can also disable the anti-virus program and Windows Firewall. Trojan.Prilex will also download other threats and malware onto the computer system.

The Prilex trojan is able to disable all security programs already installed on the PC, such as the firewall and Windows Defender. Being a trojan, it conducts a number of malicious activities on the system and does not ask the user's permission before executing any of these files.

The virus endangers the target's Internet environment by redirecting web searches to other harmful domains that carry more threatening viruses, and it deceives the victim into downloading free software, videos, games, files, etc. It also allows remote access to the compromised computer by changing PC system settings, registry settings and files in order to capture and steal private personal data without any permission.

It infects the machine with a lot of bundled malware, malicious spyware and adware parasites, and all of these harmful PC threats can hide deep in the system, processes, files and folders.

Prilex can also hijack a banking application, steal user input and card information, and send it to a C&C server; the cyber criminals have dissected and analyzed the target ATM.

There is something more important to be learned from Prilex, though. Any bank can have its methods and processes analyzed by criminals and later abused in highly targeted attacks. This is concerning, and worth looking into if you are trying to defend your ATM infrastructure. Jackpotting attacks are very notorious, but a silent attack like this can go unnoticed for months, if not years. These days, putting monitoring tools and protections in place should be mandatory.

In this regard, the public are advised to keep antivirus/anti-spyware software up to date. This will go a long way in keeping malware away and preventing the systems from being compromised.

RECOMMENDATION

The public are advised to follow these tips to avoid being a victim of Prilex trojan, to wit:

  • Install a reputable real-time antivirus program and scan your computer regularly;
  • Do not open intrusive links, spam e-mails or suspicious attachments;
  • Be cautious when downloading software from free resources; and
  • Stay away from suspicious websites.

For additional information, please refer to the following websites:

  • https://www.howtouninstallmalware.org/how-to-remove-trojan-prilex-trojan-worm-completely-from-computer
  • http://www.dlltips.com/how-to-remove-trojan-prilex-completely-from-your-system/
  • https://blog.trendmicro.com/trendlabs-security-intelligence/dissecting-prilex-cutlet-maker-atm-malware-families/

POINT OF CONTACT

Please contact PCINSP ANGELICA STARLIGHT L. RIVERA, Chief, Personnel Records Management Section, by e-mail or on telephone number (632) 7230401 local 3562 for any inquiries related to this CYBER SECURITY BULLETIN.