Beware of NGate! A new Android trojan that uses NFC to steal bank data has emerged

Experts have discovered a new threat to Android users - the NGate malware. It uses NFC chips to steal credit card data.

Here's What We Know

The malware transmits data read by an NFC chip to an attacker's device, allowing them to mimic victims' cards and make unauthorised payments or withdrawals. The campaign using NGate has been active since November 2023 and is linked to an ESET report of bank credential theft in the Czech Republic.

The attacks start with phishing emails, automated calls or malicious adverts tricking victims into installing malicious PWA or WebAPK files. These applications steal customer credentials, and then NGate uses NFCGate to collect payment card data.

Attackers can save this data as a virtual card and replicate it at ATMs or PoS terminals. To withdraw cash, fraudsters obtain the card's PIN using social engineering. Victims enter the PIN in a phishing interface, passing it on to the attackers. Czech police have already caught one cybercriminal, but the threat remains significant.

To reduce the risk, it is recommended to switch off NFC when you are not using it on your device and only install banking apps from official sources.

Source: Bleeping Computer