ESET researchers have recently uncovered a new Android malware, NGate, which uses NFC technology to facilitate unauthorized ATM withdrawals. This malware, which was not distributed through the Google Play store, relays NFC data from a victim’s payment card through their compromised Android device to the attacker’s device. Once the attacker has this data, they can perform unauthorized transactions at ATMs or transfer funds from the victim’s bank account to other accounts. This novel technique marks a significant evolution in the way malware can exploit contactless payment technologies.
NGate was distributed through deceptive SMS messages that tricked users into downloading a fake banking app. Once installed, the app appeared legitimate and requested sensitive banking information from the user, which was then sent to the attacker’s server. The malware also prompted users to enable NFC on their smartphones and place their payment cards near the device, allowing the malware to capture the card data. This method of attack is notably sophisticated, leveraging NFCGate, a tool initially designed for NFC traffic analysis.
In addition to its digital techniques, NGate can be used in conjunction with physical card emulation. Attackers with physical access to payment cards can use similar methods to copy and emulate card data, though this typically only allows for small contactless payments. The combination of digital and physical techniques underscores the multifaceted approach of modern cybercriminals, who are increasingly sophisticated in their methods of theft.
To protect against such threats, users should adopt comprehensive security practices. This includes verifying website URLs, downloading apps only from trusted sources, keeping PINs confidential, using security apps, disabling NFC when not needed, and employing protective measures such as virtual cards with strong authentication. As malware like NGate continues to evolve, staying vigilant and informed is crucial for safeguarding personal and financial information.
Reference:
