Android malware steals payment card data using previously unseen technique

New Android malware, dubbed NGate, is using an infected devices’ NFC readers to swipe and clone payment card data for illicit use at ATMs and point-of-sale terminals. The malware employs an open source tool—NFCGate—for capturing, analysing, and altering NFC traffic. The malware has seen usage in the wild, with victims tricked into installing it through phishing scams. NGate was used against three Czech banks from November to March, indicating its breadth of use.