A new Android malware called NGate can steal debit card information and PINs.

This attack steals your money using ATMs, your debit card number and PIN.
The Android phone attack, called NGate, exploits Near Field Communication (NFC), the technology enabling contactless payments at stores via cards, Apple Pay, or Google Pay. Once a device is infected with NGate, debit card and PIN data is transmitted to the attacker's servers.
Contactless payment cards generate a one-time use code (OTU) for each transaction, which is meant to prevent theft of debit card data. However, attackers can infect a phone, potentially through a malicious app, and prompt the user to perform a tap-to-pay verification, including entering their PIN. This information is then sent to the attacker.
OTU codes are only valid for a short period. After obtaining the necessary data, the attacker uses it immediately at an ATM via a card-emulating device like a phone, smartwatch, or specialized hardware.
Attackers use phishing emails or SMS messages to get users to install the malicious app. These messages may appear to be from a bank or service provider, claiming an account issue. The goal is to make the user anxious enough to install a "solution" app from a direct link, bypassing the Google Play Store.
After installation, the app requests permissions and prompts the user to verify a card via a tap-to-pay action. An accomplice is present at an ATM, ready to withdraw funds from the account.
This attack has been successful. To prevent it, Malwarebytes recommends the following:
Only download apps from trusted sources like the App Store and Google Play Store, as banks will never use other sources.
Use an updated anti-malware solution for Android.
If someone claiming to be from your bank calls, obtain their information and call back using a verified phone number.
Never respond to unsolicited text messages.
These steps are essential. Attackers rely on users panicking after receiving a text about irregularities with their bank account or potential loss of essential services, leading them to install anything without caution.
Victims may not realize their phone is infected and their account is being drained until it is too late. Therefore, follow these tips to avoid becoming a victim.