1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This new Android malware can steal your card details via the NFC

    From TechnologyDaily@1337:1/100 to All on Fri Aug 23 15:15:04 2024
    This new Android malware can steal your card details via the NFC chip

    Date:
    Fri, 23 Aug 2024 15:08:00 +0000

    Description:
    Security researchers spot a sophisticated attack that steals people's NFC
    data and can be used to steal money, and more.

    FULL STORY ======================================================================

    Cybercriminals have reportedly found a way to steal from smartphone users by exfiltrating the data read by their device's near-field communications (NFC) chip.

    The scam was revealed by cybersecurity researchers at ESET, who said it includes progressive web apps (PWA), advanced WebAPKs, and significant social engineering in a multi-step approach that requires a bit of naivety from the victim.

    But its not just about stealing money, as many different services use NFC technology - including access cards, transportation tickets, and more,
    opening victims up to a potential world of hurt. Enter NGate

    It all starts with an SMS message, or an automated call to the victim, in which the crooks impersonate the victims bank and urge them to install a malicious PWA or a WebAPK, claiming they were important updates. Since these apps dont work in the same manner as classic apps, they dont require the same permissions. Instead, they get the necessary access by abusing the browsers API.

    Once that part is out of the way, the fraudsters call up the victim, impersonating a bank employee, and warn them of a security incident. The only way to secure their funds, the scammers explain, is to download an app that verifies the payment card, and more importantly - the PIN number.

    The app is NGate, the malware that can capture NFC data from payment cards close to the infected device, and then send it to the attackers, either directly, or via a proxy. It does so through an open-source component called NFCGate, a research project that allows on-device capturing, relaying, replaying, and cloning features.

    Obviously, once the victim shares their PIN number, its mostly game over. The crooks would use the data to clone the card on their smartphones, and either make cash withdrawals from ATM machines, or make purchases on POS endpoints.

    Commenting on the findings, Google told the publication that Google Play Protect, Androids default security tool, detects this malware.

    "Based on our current detections, no apps containing this malware are found
    on Google Play.

    Generally, Google is doing a solid job at keeping its mobile app repository clean, and the majority of fake and malicious apps are usually hosted elsewhere around the internet. Therefore, the best way to remain secure is to only download Android apps from reputable sources.

    Via BleepingComputer More from TechRadar Pro This security flaw could let hackers unlock hotel doors across the world by hijacking keycards Here's a list of the best firewall software around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-new-android-malware-can-steal-your -card-details-via-the-nfc-chip


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)