Over the past two months, fraudsters have stolen more than 40 million rubles from Russians using the legal application NFCGate, reports Russian developer of technologies to combat cybercrime FACCT
Author:
https://rb.ru/author/kossakovskaya-anastasiya/
Subscribe to RB.RU on Telegram
As discovered by FACCT, the application is capable of intercepting and transmitting bank card data through NFC modules on smartphones. Attackers disguise the program under the guise of applications of popular government services, such as the Central Bank, State Services or the Federal Tax Service.
The malware asks the victim to undergo verification by placing a bank card on the back of the smartphone. As a result, the card data is instantly transferred to the attacker’s smartphone. In some cases, the application asks you to enter the card’s PIN code; This information is also sent to the criminal.
Attackers can install NFCGate on a victim’s device even without their knowledge, using remote access Trojans, for example, CraxRAT, the company said. These malicious programs are usually distributed via instant messengers under the guise of standard application updates, as well as in the form of fake applications from government services, telecom operators and antiviruses.
Previously, in January, Sberbank revealed the work of an online university that was training fraudsters, including hackers, to attack Russian companies. According to Stanislav Kuznetsov, deputy chairman of the bank’s board of directors, the university operated on the dark web and regularly recruited new students. 10 thousand people managed to complete the training.
Author:
Anastasia Kossakovskaya
Source: RB

I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.