{"id":69273,"date":"2024-08-27T23:25:55","date_gmt":"2024-08-27T23:25:55","guid":{"rendered":"https:\/\/gtechbooster.com\/vine\/?p=69273"},"modified":"2024-08-27T23:25:55","modified_gmt":"2024-08-27T23:25:55","slug":"ngate-android-malware-manages-to-steal-card-data-through-nfc-signal-here-is-how-to-stay-safe","status":"publish","type":"post","link":"https:\/\/gtechbooster.com\/ngate-android-malware-manages-to-steal-card-data-through-nfc-signal-here-is-how-to-stay-safe\/","title":{"rendered":"NGate Android malware manages to steal card data through NFC signal: Here is how to stay safe"},"content":{"rendered":"\n

ESET Research researchers have discovered a new Android malware called “NGate” that uses the Near Field Communication (NFC) reader on infected smartphones to steal payment card details.<\/p>\n\n\n\n

Here’s how it works:<\/h2>\n\n\n\n
\"\"<\/a><\/div><\/div>

Attackers spread the malware through sophisticated phishing schemes, often impersonating banks in SMS and other messaging platforms via messages with links to malicious websites. Once installed, the malware collects the victim’s banking credentials and guides them to enable NFC on their phone and tap their payment card against the back of the device.<\/p>\n\n\n\n

The malware then relays the NFC data from the victim’s card to the attacker’s smartphone in real-time. With this stolen data, attackers can create clones of the contactless payment cards and use them to withdraw money from ATMs or make fraudulent purchases.<\/p>\n\n\n\n

The malware is based on the open-source NFCGate tool and represents a new attack vector for financial fraud on Android. While it currently targets users in Czechia (Czech Republic), it could easily spread to other countries hence the need to be on the lookout.<\/p>\n\n\n\n

Overview of the attack<\/strong><\/em><\/h3>\n\n\n\n
\"NGate
NGate Android malware ESET Research<\/figcaption><\/figure>\n\n\n\n
Name<\/th>Gate virus<\/th><\/tr><\/thead>
Threat Type<\/strong><\/td>Android malware, malicious application<\/td><\/tr>
Detection Names<\/strong><\/td>Avast-Mobile (Android:Evo-gen [Trj]), DrWeb (Android.Banker.NGate.1.origin), ESET-NOD32 (Android\/Spy.NGate.B), Kaspersky (HEUR:Trojan-Banker.AndroidOS.NGate.a), Full List (VirusTotal<\/mark><\/a>)<\/td><\/tr>
Symptoms<\/strong><\/td>Malware is designed to stealthily infiltrate the victim’s computer and remain silent, and thus no particular symptoms are clearly visible on an infected machine.<\/td><\/tr>
Distribution methods<\/strong><\/td>Spam SMSes, infected email attachments, malicious online advertisements, social engineering, deceptive applications, scam websites.<\/td><\/tr>
Damage<\/strong><\/td>Monetary losses, stolen identity (malicious apps might abuse communication apps).<\/td><\/tr>
Malware Removal (Android)<\/strong><\/td>To eliminate possible malware infections, scan your mobile device with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.<\/td><\/tr><\/tbody><\/table>
Threat Summary<\/figcaption><\/figure>\n\n\n\n

How to stay SAFE<\/h2>\n\n\n\n

To stay safe, Android users should:<\/p>\n\n\n\n