It’s always important to protect your hard-earned money from hackers and cyberattacks. One way you can do this is to be careful with the links and emails you receive on your phone. Unfortunately, hackers are always on the lookout for ways they can outsmart the general public. And as discovered by ESET, a cybersecurity firm, there is a new “Android malware that uses NFC reader on an infected device” and provided payment data info to attackers.
As reported by PhoneArena, the detected malware gives thieves access to the data so they use it to pay for purchases via a POS (point of sale) or withdraw money out of an ATM. ESET named this malware, NGate, since the attackers used the NFCGate toolkit to analyze NFC traffic. Czech police had previously busted a gang that used the same scheme.
The report revealed how the hackers stole from their victims. They would first send out a text demanding the victim to install an app after an issue with their tax return. The link, however, directed the victims to a fake website that unknowingly collected the credentials of the victim. This would then give the attackers access to their target’s bank account.
After that, a second person would call and pretend to be a bank employee helping the customer protect his account by verifying the card and changing the PIN. They would then ask the victim to enable NFC on his device, which allowed them to run the malware. This allowed the criminals to receive information in real time and even withdraw money straight from an ATM.
After the malware was discovered, Google said:
"Based on our current detections, no apps containing this malware are found on Google Play. Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."
But as the report shared, six apps were discovered to contain the malware from non-Play Store sources. These apps were discovered in November to March.
It’s always important to protect yourself from such scams. The best way you can do this is by never sending personal data, including your PIN numbers. Always assume the other party is a scammer. If you wish to confirm any requests, get the number from Google. Don’t call the number they include in the text message.
Stay safe out there, folks. It’s a crazy world we live in.
Source: PhoneArena
