Android users have a new threat to watch out for…NGate malware. Unlike other malicious software, NGate makes use of NFCGate, an open source tool for capturing, analyzing, or altering NFC traffic. This protocol that allows two devices to wirelessly communicate over short distances and can be found in many card readers as well as ATM machines.
Put simply, this malware can instantly relay NFC data from a victim’s card through a compromised device to an attacker’s smartphone or other mobile device, which is then able to emulate the card and withdraw money from an ATM before its owner can have the card deactivated. Bad actors stealthily hide NGate in legitimate-looking mobile banking apps on Google Play.
- Carrier compatibility: ATandT: VoLTE, Verizon: VoLTE, T Mobile: VoLTE, WiFi Calling, Video Calling, Tracfone, Optimum Mobile, GSM, CDMA. Does not...
- 6.5" HD plus display. Bring your favorite content to life on a stunning ultra-wide screen.
- Up to three-day battery. Leave your power worries behind thanks to a massive 5000mAh battery.
The announcement by the Czech police revealed the attack scenario started with the attackers sending SMS messages to potential victims about a tax return, including a link to a phishing website impersonating banks. These links most likely led to malicious PWAs. Once the victim installed the app and inserted their credentials, the attacker gained access to the victim’s account. Then the attacker called the victim, pretending to be a bank employee,” said Jakub Osmani, ESET Researcher.
[Source]
