Back

NGate Android malware relays NFC traffic to steal cash

Aug. 22, 2024, 10:58 a.m.

Tags

malware
phishing
android
banking
2024-08-22
czechia
ngate
relay
nfc

External References

https://www.welivesecurity.com/

https://otx.alienvault.com/

Description

ESET researchers uncovered a crimeware campaign targeting bank customers in Czechia. The NGate Android malware can relay NFC data from victims' payment cards to attackers' devices, enabling unauthorized ATM withdrawals. It's the first time this capability has been observed in the wild. The campaign evolved from using phishing PWAs and WebAPKs to deploying NGate, which tricks victims into providing banking details and NFC card data.

Date

Published Created Modified
Aug. 22, 2024, 10:36 a.m. Aug. 22, 2024, 10:36 a.m. Aug. 22, 2024, 10:58 a.m.

Attack Patterns

NGate

T1509

T1437

T1426

T1417

T1566

Additional Informations

Czechia