CardingLeaks Support Telegram | Click To Message


CardingLeaks Moderator
Super Moderator
VIP Carder
CardingLeaks User
Nov 15, 2015
Cyber criminals have already figured out a way to hack the new chip-and-PIN credit card system currently being introduced at businesses throughout the United States. Five French citizens have been convicted of manipulating vulnerabilities in the system with a card-switching technique that included substituting the PIN on a stolen card with a cheap piece of plastic.

French researchers from the École Normale Sperieure, a technology university, published a research paper revealing the case of five thieves who were arrested in 2011 and 2012 for spending 600,000 euros (roughly $680,000) with stolen credit cards. Using X-ray analysis and other microscopic scans, the researchers figured out that the criminals actually inserted a second chip onto stolen chip-and-PIN cards, enabling them to dupe the PIN verification on many registers' point-of-sale (POS) terminal.

The fake chip, known as a FUNcard, enabled the thieves to carry out a Man In The Middle attack, which involves intercepting communications on the point-of-sale (POS) terminal. When a shopper inserts his or her card into a POS terminal, the terminal automatically tries to verify its authenticity. In this case, the FUNcard was waiting with its own, fake “yes” signal when the authenticity check arrived.

“The attacker intercepts the PIN query and replies that it's correct, whatever the code is,” ENS researcher Remi Geraud told Wired magazine Tuesday. “That's the core of the attack.”

Until 2011, the concept of spoofing the PIN on a chip-and-PIN card was largely theoretical. A group of Cambridge University researchers discovered similar flaws, but this French crime ring appears to have been the first time the trick was discovered in the wild. Malicious software used on ATMs in Russia and Europe has also broken through chip-and-PIN safeguards, allowing thieves to drain ATMs of cash in at least one case.


Registered User
CardingLeaks User
Mar 30, 2016
Thanks that was sick! I would love to know the mechanics behind how this works as well as what makes this work because in theory this has countless practical applications that would be impossible to prevent them all.

Who has read this thread (Total: 0) View details

Who is viewing this thread (Total: 1, Members: 0, Guests: 1)