- A new type of hacker attack is spreading around the world
- It targets people using NFC payments
- Hackers use malware as well as a planted middle man
Mobile payment is becoming more and more popular. It is only used in the Czech Republic 6 out of 10 young people and it is becoming popular even among the older generation. But even though it is supposed to be secure, hackers are trying to break through its protection and get credit card data. According to the latest news, the so-called is gaining strength in the world Ghost Tapwhich is a type of attack aimed precisely at NFC payments.
The warning is that many people whose mobile payment card was misused did not even notice it. And that’s why even banks are warning about this new type of attack. The hackers succeeded abuse the NFCGate research toolwhich can capture the NFC signal. But the whole procedure is significantly more complicated – and it is even more difficult to detect the misuse of a payment card.
Small payments worldwide
The basis of this attack is malwarewhich gets into the victim’s mobile phone and obtains from it all the necessary data from the payment card loaded in Google Pay or Apple Pay. Once the attacker has these data available, he uploads the stolen card to the payment application. Precisely with the help of the NFCGate signal tool redirects to another mobile a cooperating fraudster who will start paying at the terminals through him.
It is typically about smaller amounts and many purchases within a short time. At the same time, the signal can be spread to several devices, so it is possible to pay with one payment card in several different places in the world at the same time. And even if it is needed confirmation codethe hacker usually gets it with the help of malware on the victim’s phone.
Before the owner of the misused card recovers, his bank account is empty. Or he won’t even notice the loss of money for a long time, because it’s not a dizzying amount.
Only prevention will help
This type of hacker attack is quite difficult to defend against. They should provide one part of the protection bankwhich should receive multiple payments in different parts of the world at the same time very suspicious. Then the victim should also react, who would checking the account statement she should have realized that the card had been misused.
The only defense is subsequent payment card blocking. Unfortunately, a lot of money is often gone by the time it happens. And tracking down attackers is very difficult because they try not to reveal their location when paying.
That’s why it’s the best, according to cybersecurity experts prevention – protect your card payments with the help of one-time passwords, do not automatically confirm them, check outgoing payments on an ongoing basis, do not download unverified applications, protect your device with the help of an antivirus, and so on.
Do you use mobile payment?
Source: Threat Fabric, The Hacker News
Source: www.svetandroida.cz
