The NGate malware allows attackers to perform unauthorized ATM withdrawals by capturing sensitive NFC transaction data from an infected mobile phone. This malware tricks users into entering their PIN during a tap-to-pay action, allowing the malware to capture not only the card number but also dynamic one-time codes generated by the card’s chip. The stolen data is then sent to the attacker’s device, enabling them to withdraw cash using an emulating device at an ATM.
To infect users, attackers typically employ social engineering tactics such as phishing emails or calls, tricking potential victims into downloading fake banking apps. Once the malicious app is installed, it requests permissions and guides victims through deceptive card verification steps. The malware is only effective if victims act quickly and trustingly, enabling accomplices to cash out at ATMs as the real-time data is presented.
To prevent NGate infections, users are advised to download apps exclusively from trusted sources, protect their devices with anti-malware solutions, ignore unsolicited communications, and independently verify claims made by potential scammers. Implementing these measures helps safeguard against this sophisticated malware.
👉 Pročitaj original: Malware Bytes
