Today's cybersecurity headlines are brought to you by ThreatPerspective


Biz & IT Ars Technica

Android malware steals payment card data using previously unseen technique

Attacker then emulates the card and makes withdrawals or payments from victim's account.

High angle shot of female hand inserting her bank card into automatic cash machine in the city. Withdrawing money, paying bills, checking account balances and make a bank transfer. Privacy protection, internet and mobile banking security concept
Enlarge (credit: d3sign)


Newly discovered Android malware steals payment card data using an infected device’s NFC reader and relays it to attackers, a novel technique that effectively clones the card so it can be used at ATMs or point-of-sale terminals, security firm ESET said.

ESET researchers have named the malware NGate because it incorporates NFCGate, an open source tool for capturing, analyzing, or altering NFC traffic. Short for Near-Field Communication, NFC is a protocol that allows two devices to wirelessly communicate over short distances.

New Android attack scenario


“This is a new Android attack scenario, and it is the first time we have seen Android malware with this capability being used in the wild,” ESET researcher Lukas Stefanko said in a video demonstrating the discovery. “NGate malware can relay NFC data from a victim’s card through a compromised device to an attacker’s smartphone, which is then able to emulate the card and withdraw money from an ATM.”


Read 7 remaining paragraphs | Comments


Published: 2024-08-23T20:12:21













     


© Ethical Hacking News . All rights reserved.

Privacy | Terms of Use | Contact Us