New Type of Phishing Attack Hackers Use NGate Malware to Target Credit Card Info

TapTechNews August 26th news, the security company ESET reported that they found a new type of phishing attack method. Hackers use a malicious Android software called NGate to conduct phishing attacks, coaxing victims to identify credit cards with the NFC function of their mobile phones, and then transmit the identified credit card payment key to the hackers.

ESET researchers found that currently, customers of three Czech banks have been subjected to this new attack. The hackers' actions started at the end of November 2023. They first established phishing websites and set up download addresses for the NGate malicious software disguised as bank clients in the websites, and then sent out phishing messages in bulk to induce victims to download the applications, thereby stealing a large amount of bank credit card payment key information.

Researchers mentioned that although the Czech police have captured the mastermind behind the NGate malicious software, currently the relevant malicious software is still circulating. The researchers have found a total of 6 different NGateApp variants, and the specific number of victims is unknown.

TapTechNews learned that the NGate malicious software is actually a PWA application. Hackers directly embed the real bank website in the application, so in fact it is difficult for victims to distinguish. Once the victim scans the credit card with the mobile phone NFC according to the application prompt, the relevant information will be directly sent to the hackers.

The security company mentioned that this attack method actually allows hackers to steal victims' money in two ways. If the NFC data transmission is not successful, the hackers can also directly conduct an open transfer using the recorded victim account password. If the NFC data transmission is successful, the hackers can directly swipe the victim's credit card empty through the payment key secretly.