""The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated," ESET security researcher Lukáš Štefanko said in a report shared with The Hacker News."
""As with previous iterations of NGate, the malicious code allows the attackers to transfer NFC data from the victim's payment card to their own device and use it for contactless ATM cash-outs and unauthorized payments.""
""The latest version of NGate detected by ESET has primarily targeted users in Brazil, marking the first such campaign to single out the South American nation.""
""The fake lottery website seeks to convince a user to tap a button to send a WhatsApp message to claim the prize money, at which point they are directed to likely download the poisoned version of the HandyPay app.""
Researchers have identified a new version of the NGate malware that exploits the HandyPay application. This malware enables attackers to transfer NFC data from victims' payment cards for unauthorized transactions. It can also capture and exfiltrate payment card PINs to a command-and-control server. The latest campaign primarily targets users in Brazil, using deceptive websites to distribute the malicious app. The app requests users to set it as the default payment application, facilitating further exploitation.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]