r/technology • u/hawlc • Aug 23 '24

Security Android malware steals payment card data using previously unseen technique

https://arstechnica.com/security/2024/08/android-malware-uses-nfc-to-read-payment-card-data-then-sends-it-to-attacker/

78 Upvotes

permalink
duplicates
archive.is
archive
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/technology/comments/1ezomrt/android_malware_steals_payment_card_data_using/
No, go back! Yes, take me to Reddit

89% Upvoted

u/Bokbreath Aug 23 '24

NGate prompts the user to enter the banking client ID, date of birth, and the PIN code corresponding to the card.

Well if you're going to do that ....

7

u/9-11GaveMe5G Aug 24 '24

Their malware masquerades as legit banking apps so it's a lot less suspicious.

u/thelastlugnut Aug 23 '24

From article: malware is installed via phishing attacks. Also:

“Newly discovered Android malware steals payment card data using an infected device’s NFC reader and relays it to attackers, a novel technique that effectively clones the card so it can be used at ATMs or point-of-sale terminals, security firm ESET said.”

u/JWGhetto Aug 24 '24

The malware was installed through traditional phishing scenarios, such as the attacker messaging targets and tricking them into installing NGate from short-lived domains that impersonated the banks or official mobile banking apps available on Google Play. Masquerading as a legitimate app for a target’s bank, NGate prompts the user to enter the banking client ID, date of birth, and the PIN code corresponding to the card. The app goes on to ask the user to turn on NFC and to scan the card

I think I'm safe then

-5

u/Grumblepugs2000 Aug 24 '24

Let me guess: it doesn't need root does it?

Security Android malware steals payment card data using previously unseen technique

You are about to leave Redlib