New Android malware NGate allows attackers to transmit NFC signals from one device to another, enabling unauthorized withdrawals from bank accounts via ATMs.
Researchers at ESET have discovered a new type of Android malware called NGate that is capable of interacting with NFC traffic on a device, intercepting it from apps that use NFC, and transmitting that data to attackers. Criminals can use this data to imitate or repeat intercepted information to illegally withdraw money from ATMs. Customers of three Czech banks have already been affected, and malicious domains imitating these banks have also been detected. The code for this malicious software is open, which increases the threat of its spread.
According to ESET data, attackers force victims to install a malicious application under the guise of updating a banking application. After activating NFC on the victim’s smartphone, the malicious app intercepts bank card details, which are then used to create a cloned card and withdraw funds. The suspect in this crime was arrested in the Czech Republic, but researchers believe that this type of attack may spread to other regions.
Experts advise to carefully check the authenticity of bank websites and applications, as well as not to disclose confidential information. Users are encouraged to use digital versions of payment cards that have additional security measures such as biometric authentication.