Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label NFC. Show all posts
Payment Fraud
Cyber Fraud Ghost Tap NFC Payment Card Payment Fraud

New Ghost Tap Assault Exploits NFC Mobile Payments to Steal Funds

 

The attackers are increasingly relying on a novel approach that employs near-field communication (NFC) to pay out victims' funds at scale. ThreatFabric's Ghost Tap technology enables fraudsters to cash out money from stolen credit cards related to mobile payment services such as Google Pay or Apple Pay while relaying NFC traffic. 

"Criminals can now misuse Google Pay and Apple Pay to transmit your tap-to-pay information globally within seconds," the Dutch security company stated. "This means that even without your physical card or phone, they can make payments from your account anywhere in the world.”

These attacks usually include deceiving victims into downloading malware for mobile banking, which subsequently uses an overlay attack or a keylogger to steal their banking credentials and one-time passwords. As an alternative, it can include a voice phishing feature.

Once the threat actors get the card information, they proceed to link the card to Apple Pay or Google Pay. However, the tap-to-pay information is sent to a mule, who is in charge of making fraudulent transactions at a business, in an effort to prevent the issuer from blocking the cards. A reliable research tool called NFCGate, which has the ability to record, examine, and alter NFC traffic, is used to achieve this. Using a server, NFC traffic can also be transferred between two devices. 

Researchers from TU Darmstadt's Secure Mobile Networking Lab stated that one device functions as a reader reading an NFC tag, while the other device emulates an NFC tag using the Host Card Emulation (HCE).

The most recent development is the first instance of NFCGate being misused to relay data, even though ESET previously noted that bad actors have previously utilised the technology to transfer NFC information from victims' devices to the attacker using NGate malware back in August 2024. 

"Cybercriminals can establish a relay between a device with stolen card and PoS [point-of-sale] terminal at a retailer, staying anonymous and performing cash-outs on a larger scale," ThreatFabric explained. "The cybercriminal with the stolen card can be far away from the location (even different country) where the card will be used as well as use the same card in multiple locations within a short period of time.” 

The approach has further benefits in that it can be employed to purchase gift cards at offline businesses without the fraudsters being physically present. Even worse, it can be utilised to expand the fraudulent operation by recruiting the assistance of multiple mules in different locations over a short period of time. 

Further complicating the detection of Ghost Tap assaults is the fact that the transactions appear as if they are originating from the same device, hence circumventing anti-fraud measures. It can be more difficult to determine their precise location and the fact that the associated card was not used to complete the transaction at the PoS terminal if the device is in flight mode.
Read more »
Technology
Android Malware NFC NGate Payments Technology

Is Tap-to-Pay Dangerous? How New Android Malware Exploits NFC Technology

Is Tap-to-Pay Dangerous? How New Android Malware Exploits NFC Technology

Tap-to-pay technology, which allows users to make quick transactions with a simple tap of their smartphone, has become increasingly popular. However, with convenience comes risk. A recent discovery of a new Android malware by ESET, known as NGate, has raised significant concerns about the security of tap-to-pay transactions. This blog will delve into how this malware operates, the potential risks it poses, and how users can protect themselves.

Understanding NGate Malware

NGate is a sophisticated piece of malware designed to exploit the Near Field Communication (NFC) technology used in tap-to-pay transactions. NFC allows devices to communicate wirelessly when they are close to each other, making it ideal for contactless payments. However, this same technology can be manipulated by malicious actors to steal sensitive financial information.

How NGate Works

The NGate malware is typically spread through social engineering and phishing tactics. Attackers often disguise the malware as legitimate banking apps or other trusted applications. Once a user unknowingly installs the malware, it begins to operate in the background, capturing sensitive information.

One of the most alarming features of NGate is its ability to clone contactless credit and debit cards. By exploiting the NFC feature, the malware can intercept and replicate the data transmitted during a tap-to-pay transaction. This cloned data can then be used by attackers to make unauthorized transactions, effectively draining the victim’s bank account.

The Impact of NGate

The implications of NGate are far-reaching. With the ability to clone contactless payment cards, attackers can carry out fraudulent transactions without the victim’s knowledge. This not only leads to financial loss but also undermines trust in tap-to-pay technology.

Moreover, the spread of NGate highlights the evolving tactics of cybercriminals. As technology advances, so do the methods used by attackers. This underscores the importance of staying vigilant and adopting robust security measures.

Protecting Yourself from NGate

  • Always download apps from official app stores like Google Play. Be cautious of apps that request unnecessary permissions or seem suspicious.
  • Use built-in security features on your smartphone, such as biometric authentication and two-factor authentication (2FA). These add an extra layer of protection.
  • Keep your device and apps updated. Security patches are often released to address vulnerabilities that could be exploited by malware.
  • Be cautious of unsolicited messages or emails that prompt you to download apps or provide personal information. Verify the source before taking any action.
  • Regularly check your bank statements and transaction history for any unauthorized activity. Report any suspicious transactions to your bank immediately.

Read more »
NGate
Android Malware malware NFC NFC Payment NGate

Protecting Your Wallet: Understanding NGate Android Malware

Protecting Your Wallet: Understanding NGate Android Malware

A new and sophisticated malware has emerged, targeting the increasingly popular Near Field Communication (NFC) payment systems. Known as NGate, this Android malware has been discovered by ESET Research and poses a significant risk to users’ financial security. This blog delves into the workings of NGate, its implications, and measures to protect against such threats.

Understanding NGate Malware

NGate is a type of malware designed to exploit the NFC capabilities of Android devices. NFC technology allows for contactless payments, making transactions quick and convenient. However, this convenience comes with its own set of vulnerabilities. 

NGate malware leverages these vulnerabilities by relaying NFC data from victims’ payment cards through their mobile phones to an attacker’s device at an ATM. This process enables the attacker to clone the card and withdraw money without the victim’s knowledge.

How NGate Operates

The operation of NGate malware is both ingenious and alarming. Once the malware infects an Android device, it gains access to the NFC functionality. When a victim uses their phone for an NFC transaction, the malware captures the payment card data and transmits it to the attacker’s device. 

The attacker, equipped with a device capable of receiving NFC signals, can then use this data to create a clone of the victim’s card. This cloned card can be used to withdraw cash from ATMs or make unauthorized purchases.

The Implications of NGate

Increased Vulnerability of Contactless Payments 

As contactless payments become more widespread, the potential for exploitation by cybercriminals also increases. NGate demonstrates how easily NFC technology can be manipulated for malicious purposes.

Financial Losses

Victims of NGate malware can suffer significant financial losses. Unauthorized transactions and cash withdrawals can drain bank accounts, leading to financial distress and the arduous process of disputing fraudulent charges.

Erosion of Trust

The success of digital payment systems relies heavily on user trust. Incidents like those involving NGate can erode this trust, making users hesitant to adopt new technologies and potentially slowing down the progress of digital financial services.

Protecting Against NGate and Similar Threats

1. Regular Software Updates: Keeping your Android device’s software up to date is crucial. Manufacturers often release security patches that address known vulnerabilities. Regular updates can help protect your device from malware like NGate.

2. Use Trusted Security Software: Installing reputable antivirus and anti-malware software can provide an additional layer of protection. These programs can detect and remove malicious software before it can cause harm.

3. Be Cautious with App Permissions: Pay close attention to the permissions requested by apps. If an app requests access to NFC functionality without a clear reason, it could be a red flag. Only grant permissions that are necessary for the app’s functionality.

4. Monitor Financial Statements: Regularly reviewing your bank and credit card statements can help you quickly identify any unauthorized transactions. Early detection is key to minimizing financial losses.

Read more »
Subscribe to: Posts (Atom)