Automatically translated.View original post

New NFC malware NGate disguised as payment app

New NFC Malware NGate Disguised as App for Embedded Payment on Android

Using malware to rob money through NFC (Near Field Connection) is not new, but it is always dangerous because it can lose a lot of money quickly, and this time malware has returned.

According to a report by the website Help Net Security, it has mentioned the detection of a malware distribution campaign of the victim's money-sucking type, or the NGage-family Banking Trojan, a malware family that sucks data from the victim's credit card through NFC scanning on the victim's mobile phone to send data to the hacker's data receiver and then swipe the card at the point of purchase (PoS or Point of Sale) as easily as the card itself, called NFC Relay, which a research team from ESET, a well-known antivirus developer, has revealed that the malware is spread by embedded in a payment application. An NFC Relay called HandyPay, which is usually used to share credit cards and debits correctly. This application has been available for download on the Google Play app store since 2021. The campaign has been focused on mobile phone users using the Android operating system in Brazil since the late 2025.

The reason why malware uses embedded to use HandyPay features is that the research team revealed that the hackers behind it are trying to save costs, because the NFC Relay tools used in malware developers are often sold on the black market as malware rental (MaaS or Malware-as-a-Service) with relatively high fees per month, such as NFC Pay with rents of US $400 per month (Baht 13,005.60), and TX-NFC has rents of US $500 per month (Baht 16,257), while the HandyPay app only asks for donations of €9.99 (380.27). Baht) per month only. In addition to this, no permissions have been requested on board. Just set it up as a default payment application (Default Payment App). It is appropriate to use it as an intermediary for malware insertion.

For the malware code that was inserted into the application, the research team found that there was an Emoji in the string value. The Log made it possible to expect that the hackers behind it had used an artificial intelligence or AI in the large language model (LLM or Large Language Model) to help write the malware code, as well as to show that the hackers who used AI to write malware code were not well versed in programming because they had discarded the unique elements of content. That was created with AI left behind.

As for the campaign used to spread malware, the research team found that hackers used two methods. The first was to use the fake website of Rio de Prêmios, the lottery organization of Rio de Janeiro, which, after the victim entered the site, persuaded the victim to play a card game set for the victim to win 20,000 Brazilian reals every time he played, so that the victim pressed the Claim Reward button, which, after pressing the button, took the victim to the WhatsApp chat application, which account. The account of a hacker impersonating a Brazilian government bank called Caixa Econômica Federal to trick the victim into downloading a HandyPay application with malware in an APK file format impersonating the Rio de Prêmios application, while another method would be to use a fake Google Play page to trick the victim into downloading and installing an app called Proteão Cartão, an application that claims to strengthen credit card security from a name that can be translated as Card Protection. The fake app will come in an APK file format where the victim has to install it on board, which is an installation in Side- Loading

After the victim has installed these applications to the machine, the malware latent application will notify the default NFC payment application. It will then request the victim to enter the PIN code of the victim's card and have the victim tap the card with the NFC enabled machine. The malware will read the card data directly to the hacker's receiver to implement the card, while the PIN number will be sent to the C2 or Command and Control server via the HTTP protocol. The server will be the same as the fake application file store. Insert such malware.

# Trending # Lemon 8 Howtoo # lemon 8 diary # nfc # freedomhack

5/16 Edited to

... Read moreจากประสบการณ์ที่ติดตามข่าวสารด้านความปลอดภัยไซเบอร์ ผมขอแชร์คำแนะนำในการป้องกันมัลแวร์ NFC อย่าง NGate ที่ปลอมเป็นแอปชำระเงิน HandyPay เพื่อไม่ให้เงินในบัญชีของคุณถูกโจรกรรมอย่างง่ายดาย มัลแวร์นี้มีความอันตรายโดยใช้ฟีเจอร์ NFC ของโทรศัพท์มือถือ Android เพื่อสแกนและเก็บข้อมูลบัตรเครดิตหรือเดบิตของเหยื่อแบบไม่รู้ตัว การปล่อยให้แอปที่ไม่รู้จักหรือแอปปลอมติดตั้งเป็นค่าเริ่มต้นสำหรับชำระเงิน NFC จึงเป็นความเสี่ยงสูงมาก ข้อดีของแอป HandyPay ที่ถูกใช้เป็นฐานมัลแวร์คือ ค่าบริการถูกและไม่ต้องขอสิทธิ์ใช้งานเยอะ ทำให้แฮกเกอร์เลือกใช้เป็นช่องทางสอดไส้มัลแวร์ง่ายขึ้น ผมขอแนะนำให้คุณตรวจสอบแอปที่ดาวน์โหลดว่ามาจากแหล่งที่เชื่อถือได้หรือไม่ เพราะแฮกเกอร์ใช้เว็บไซต์สแกมหรือ Google Play ปลอม ล่อให้เหยื่อติดตั้งไฟล์ APK ด้วยตนเอง (side-loading) ซึ่งเสี่ยงมาก นอกจากนี้เมื่อได้รับคำขอให้ตั้งแอปเป็นค่าเริ่มต้นสำหรับการชำระเงิน NFC หรือต้องป้อนรหัส PIN ควรคิดให้ดีว่ามีความจำเป็นหรือไม่ เพราะมัลแวร์จะดักข้อมูลเหล่านี้ส่งกลับเซิร์ฟเวอร์แฮกเกอร์ทันที ในแง่การป้องกันเชิงเทคนิค ควรอัปเดตระบบปฏิบัติการและแอปต่างๆ เป็นเวอร์ชันล่าสุดเสมอ ใช้ซอฟต์แวร์แอนตี้ไวรัสที่มีชื่อเสียง เช่น ESET เพื่อช่วยตรวจจับพฤติกรรมมุ่งร้าย และอย่าเปิดฟีเจอร์ NFC ตอนที่ไม่จำเป็นเพื่อจำกัดช่องโหว่ สุดท้าย อย่าหลงกลโฆษณาหรือคำชักชวนให้เข้าร่วมแคมเปญแจกของรางวัลผ่านเว็บไซต์แปลก ๆ และอย่ากดลิงก์ที่ส่งมาทางแชทโดยไม่ตรวจสอบอย่างละเอียด เพราะมันอาจเป็นกับดักให้ดาวน์โหลดมัลแวร์ลงเครื่องโดยไม่รู้ตัว การใช้สติและความระมัดระวังจะช่วยรักษาความปลอดภัยทางการเงินของคุณได้ดีกว่าการพึ่งพาเครื่องมือใดเครื่องมือหนึ่งเพียงอย่างเดียว หวังว่าเกร็ดเล็กเกร็ดน้อยจากประสบการณ์นี้จะเป็นประโยชน์สำหรับทุกคนที่ใช้โทรศัพท์และชำระเงินผ่าน NFC ให้อัปเดตตนเองเสมอเพื่อความปลอดภัยทางไซเบอร์ครับ

Related posts

The image displays the title slide for 'Helpful AI prompts for creators' from 'CREATOR SYSTEMS', aiming to help creators create faster, organize smarter, and stop rebuilding processes from scratch. It encourages users to swipe for prompts.
The image presents 'PROMPT 05: Turn your expertise into a series'. The prompt asks AI to help turn expertise on a topic into 5 recurring content series that educate, build authority, and are engaging. It's for creators who know their stuff but struggle to package it.
The image shows 'PROMPT 01: Turn messy ideas into content'. The prompt asks AI to organize scattered content ideas into 3-5 content pillars, explain each, and suggest recurring post themes. It's for creators with many notes but blurry strategy.
Creator prompts
some helpful ai prompts for creators. I'm deep into ai engineering, don't mind me. #aipromptideas #creatorideas
Bytes' Atelier

Bytes' Atelier

61 likes

A young woman with long dark hair, wearing a pink satin shirt, smiles at the camera while sitting at a table. Overlay text reads: 'Tools and sites I use as a cybersecurity student to progress my skills and keep me interested in studying'.
A screenshot of 'The Hacker News' website, displaying various cybersecurity news articles from January 2025, including topics like vulnerabilities, malware, cyber espionage, and AI jailbreak methods. An ad for Zscaler and a banner for CIS Hardened Images are also visible.
A screenshot of the O'Reilly learning platform, showing various books and expert playlists related to AI, engineering, and data. Overlay text highlights the subscription cost ($50/month or $499/year) and its value for accessing books and live events.
Tools and sites I use as a cybersecurity student 🌸
#cybersecuritystudent #cybersecurity #techgirlie
LexiStudies

LexiStudies

110 likes

It's no secret that Karol G just slayed the #Grammys #Glambot . #AwardsSeason
user6854050772614

user6854050772614

11 likes

Replying to @malwaredb my favorite eyeshadows from Moira 💗 I use the shade renegade so often and people literally stop me to ask where it’s from almost every time I wear it! #beauty #makeup #eyeshadow @moiracosmetics
aaliyah ✈️

aaliyah ✈️

0 likes

Check out this website that helps you when you’re feeling uninspired! I walk you thru the process of downloading the svg file to taking it to cricut design space! Happy crafting. #designinspo #creativeart #cricutprojects #svgfiles #CricutTips
VlunaWorks

VlunaWorks

47 likes

Prompts for creators
🌱 From Chaos to Calendar: Ready to move those organized tasks into Notion? Here are 3 simple steps to seamlessly integrate your to-dos into your existing system. Keep it low-friction & effective! Copy & paste your sorted tasks! 📅 #NotionTips #TaskManagement #DigitalOrganization #work
Bytes' Atelier

Bytes' Atelier

11 likes

Turn Jumbled Ideas into a Content Plan
A cozy creator prompt for sorting through messy thoughts when your brain feels too full to start. Use AI to organize what’s already in your head into clear themes, possible post ideas, and one simple place to begin. Perfect for overwhelmed creators who need a softer way to plan content without sta
Bytes' Atelier

Bytes' Atelier

6 likes

Turn Your Perfume Into a Content Idea
A tiny creator prompt for turning your fragrance shelf into content inspiration. Pick one perfume, describe it, or upload a photo — then let AI help you turn the scent into a mood, story, and post idea. #AICreatorPrompt #PerfumeTok #ContentIdeas 📝 Prompt: “Use this perfume as inspir
Bytes' Atelier

Bytes' Atelier

6 likes

When Your Posts Stop Moving, Ask AI This
Tiny creator prompt for when your posts stop moving: Instead of assuming everything is failing, ask AI to look for patterns. Sometimes the answer is not “change everything.” Sometimes it is: * make the hook clearer * show the outcome sooner * use a more specific example * go back to the post
Bytes' Atelier

Bytes' Atelier

2 likes

Reusable AI Prompts for Dashboards, Databases...
Notion Skills Prompt Pack for turning your ideas into reusable Notion AI workflows. Includes 5 prompt cards for dashboards, databases, workflows, projects, and content planning. Save each prompt as a Notion page, mark it as a Skill, and reuse it whenever you need a simple system. #aiprompts #ai
Bytes' Atelier

Bytes' Atelier

10 likes

The man used a modified weapon to carry out an assassination
screenserenade011

screenserenade011

4 likes

How to Make a Dyson Sphere in Sandboxels
#dysonsphere #science #sciencegames #gaming #pixelart
R74n

R74n

7 likes

A white card titled "Card 1: AI-Powered Morning Routine Designer" on a wooden table, next to a steaming cup of tea, an open notebook, and a succulent. The card details a use case for designing a gentle, effective, and cozy morning routine using AI.
A white card titled "Card 2: Weekly Review & Reflection with AI Insights" on a wooden table, surrounded by a succulent, a notebook, and a "COZY" mug. The card describes a use case for conducting a reflective weekly review with AI to optimize workflow.
A white card titled "Card 3: Distraction-Free Focus Space AI Setup" on a wooden table, with a steaming cup, notebook, and pen. The card outlines a use case for creating a Notion focus mode for deep work, minimizing friction and maximizing flow.
🎨 Cozy Notion AI Prompt Pack: OS Lessons
Transform your Notion workspace with this cozy prompt pack! Learn how to use Notion AI with lessons from my personal operating system for gentle productivity and effortless organization. Perfect for beginners looking to integrate AI into their daily flow. #Notion #NotionAI #Productivity #
Bytes' Atelier

Bytes' Atelier

4 likes

🚨 16 Billion passwords leaked - the largest breach ever 🚨 Here is how it happened and what you can do to be safe. #news #databreach #cybersecuritytips #onlinesafety
Cybersecurity Girl

Cybersecurity Girl

130 likes

A vibrant cover image featuring Anjali Viramgama amidst confetti, with the title "Top Cybersecurity Certificates." It highlights key certifications for advancing skills and knowledge in cybersecurity.
A card detailing the Certified Information Security Manager (CISM) certification. It explains CISM focuses on managing information security programs, covering risk management, governance, and incident response.
A card detailing the Certified Ethical Hacker (CEH) certification. It explains CEH focuses on ethical hacking and penetration testing, covering topics like network scanning, malware threats, and social engineering.
Top Cybersecurity Certificates
There are several reputable cybersecurity certifications that can help you advance your skills and knowledge in the field of cybersecurity. 1. Certified Information Systems Security Professional (CISSP): - CISSP is a globally recognized certification that covers a wide range of cybersecurit
anjali.gama

anjali.gama

111 likes

Happy Pride 🌈 Smell Gay 💋
KST is a true fragrance artist! and my clients are addicted to the Banana Milk Coffee. They have told me it's the perfect summer coffee scent. Other clients like Gay Oppa and P*ssy Power more. And I know they plan on wearing them to pride events ⭐️Overall rating: 10/10 #bananaperfumes
✨ Malware Noir ✨

✨ Malware Noir ✨

1 like

Squid Game Cookies in Sandboxels
#game #gaming #baking #squidgame #dalgona #games
R74n

R74n

87 likes

Tiny AI tip I use when a project starts feeling messy:
Changing topics? Change chats. Context windows fill up like a cup. After a while, your AI may still remember pieces of the old conversation, but the chat can get crowded with too many directions, drafts, and side quests. Before I switch topics, I ask: “Summarize the useful context from thi
Bytes' Atelier

Bytes' Atelier

2 likes

A motivational quote, 'People come and go in your life. But the right ones will always stay,' is overlaid on an image. It shows two people lying on a wooden dock, holding a white paper house cutout above them, with calm water in the background.
Crypto wallets under threat new malware
https://www.msn.com/en-us/news/news/content/ar-AA1MpAsd?ocid=sapphireappshare #crypto #crypto wallets #malware
angela1957

angela1957

0 likes

You need TikTok ?
Here is how you can download TikTok if you need help with and apple phone just ask me I can help with Apple phone you need to change your region on the Apple Pay store
Ali

Ali

10 likes

☕️ messy notes ??
Turn your chaotic brainstorming into clear, actionable steps! This prompt helps you organize thoughts and find a gentle path forward. Copy & paste your brain dump and let AI do the heavy lifting #AIPrompts #NotionAI #OrganizedThoughts #aipromptsforbusiness
Bytes' Atelier

Bytes' Atelier

6 likes

You Don’t Need an AI Agent Yet
Before you build something complex, fix the workflow underneath it. Better structure, cleaner prompts, and thoughtful automation usually move faster than “agentic” magic. If you don’t know where to start, we can help. We help CEOs everyday find a starting point. #AIWorkflows #AutomationTi
Bytes' Atelier

Bytes' Atelier

2 likes

Elite Hacker Destroyed His Empire By Forgetting On
Bro, I really forgot to use a VPN 💀 #hacker #cybercrime #fail #tech #arrestedstupidly
arrestedstupidly

arrestedstupidly

1 like

If you’re staring at Cricut Design Space with zero ideas this is for you! This free SVG website is perfect when you need inspiration fast. Save & share with your crafty bestie 💖 #designinspo #creativeart #DesignProcess #cricutprojects #CricutTutorial
VlunaWorks

VlunaWorks

2 likes

Google probably installed an AI on your computer. Let’s get rid of it together #fyp
PiratePrincessJess

PiratePrincessJess

0 likes

How my perfume prompt started
This is my process most day. 🗒️ 💅🏼 A picture of what I have and or want to wear. Then using ai to make sure it will work. ⚡️ 💕 And of course, putting it on!! 🤖Asking Ai to help make the photo better, then posting. #promptschatgpt #aipromptsforcreators #perfumetips #emergingcreator
Bytes' Atelier

Bytes' Atelier

1 like

Windows Tools - Part 1: Task Manager
💻 Windows Tools Every IT Professional Should Know 🩷 Part 1: Task Manager Task Manager is one of the first tools many IT professionals learn to use—and for good reason. Whether you’re troubleshooting a slow computer, investigating high resource usage, reviewing startup applications, monitorin
ITwDee

ITwDee

9 likes

🛡️ The GIS-R10 Controller — Enterprise-Level Power
🚀 The perfect hotspot solution for internet speeds of 400 Mbps! Designed for medium to large hospitality businesses like hotels, resorts, campgrounds, RV parks, marinas, and more, the GIS-R10 makes it easy to provide WiFi access as a complimentary service or a paid option. 🏨🌴🚐⚓ ✨ Why business
Guest Internet

Guest Internet

0 likes

😫 Wanting to quit your 9-5?
Becoming a Pinterest Manager might be for you! In less than a year, I went from earning $2K at my 9-5 to over $4K/month with Pinterest management alone. Now, with all the different skills and platforms I lesrned, I make anywhere from $12-15K A MONTH! Back then, I knew I had to do something
Bria | Social, Design, & AI

Bria | Social, Design, & AI

485 likes

#podcast #podcastclips #tools #fyp #diy #satisfying #story #relaxingvideos #nba
Kalani Vesey

Kalani Vesey

0 likes

A desk setup with a curved monitor displaying a pink grid wallpaper and pixel art juice boxes. An overlay on the screen reads "How to Make Your PC Run Faster – 5 Easy Tips!". A keyboard, laptop, and drink are on the desk, with a Lemon8 watermark.
A desk setup with a monitor displaying tips for a faster PC, including "Upgrade Your Storage & RAM," "Keep Your Drivers & OS Updated," and "Check for Malware & Viruses." An overlay highlights "Upgrade Your Storage & RAM and more!" with a Lemon8 watermark.
A desk setup with a monitor displaying instructions for "Disable Startup Programs" and "Clean Temporary Files." The screen shows steps like using Task Manager and deleting temporary files. A keyboard, laptop, and drink are on the desk, with a Lemon8 watermark.
⚡ How to Make Your PC Run Faster – 5 Easy Tips! 🖥️🔥
💡 1. Disable Startup Programs 🚀 Too many apps launching at startup slow down your PC! ✅ Open Task Manager (Ctrl + Shift + Esc) ✅ Go to the Startup tab ✅ Disable unnecessary apps to speed up boot time 💡 2. Clean Temporary Files 🗑️ Over time, junk files slow your system down. ✅ Press Win
skaeszun

skaeszun

284 likes

#fyp #movie
Hhping

Hhping

18 likes

🌿 🤍 Bright Green Tea + Violet Vanilla Glow 🌿💜
Today’s layer is giving fresh, cozy, and lightly sweet without feeling heavy: Elizabeth Arden Green Tea Valentino Donna Born in Roma Green Stravaganza Solar Flare / Cheirosa 59-style mist This opens clean and bright with that spa-like green tea freshness, then Green Stravaganza adds a smoot
✨ Malware Noir ✨

✨ Malware Noir ✨

10 likes

needed to relax 🙂‍↕️
#emergingcreator Bourbon Vanilla + Burberry Goddess is a very natural match. Bourbon Vanilla body cream will make Goddess feel warmer, sweeter, and more plush. Goddess already has that vanilla-lavender profile, so the cream turns it into a softer vanilla cashmere blanket scent. Best way to we
✨ Malware Noir ✨

✨ Malware Noir ✨

4 likes

📍USB Write Protected? Fix It Instantly
Seeing “The disk is write-protected” error on your USB drive? This quick guide shows how to remove write protection and regain full access to your files. Learn how to check the physical lock switch, use DiskPart commands, repair file system errors, and fix registry issues step by step. Many cases a
XanthusTechCore

XanthusTechCore

5 likes

The Podcast Invite Scheme! Always remember - it’s not your fault ♥️ this happens to so many people. Most importantly: STAY SUSPICIOUS OF EVERYTHING 🥰💕 #podcastinvite #podcast #creator #storytime #scheme
Chloe

Chloe

70 likes

A colorful Disney tattoo of Stitch from Lilo & Stitch on an arm, featuring a watercolor-style blue and purple splatter background. The character is depicted with a wide, happy grin and outstretched arms, showcasing a vibrant and playful design.
A Disney tattoo on an arm featuring Thumper from Bambi, sitting among purple and blue flowers and tall grass. The tattoo includes the text "Macushla R.I.P. Johnny" below the character, rendered in a traditional tattoo style.
A traditional-style Disney tattoo on a leg depicting Esmeralda from The Hunchback of Notre Dame. She is shown in a flowing purple dress, holding a large crescent moon or hoop, surrounded by golden stars. The text "From my flash! Tiny blast over" is visible.
🏰✨Disney Tattoos✨🏰
Did you know, I’m a HUGE Disney nerd! It’s always a treat whenever I get to do something based on Disney, small or big, flash or custom 🥰 Here’s just a small compilation of some of my favorites! #disney #disneytattoo #tattoo #tattooartist #traditionaltattoo
Malware 🔜 FC

Malware 🔜 FC

378 likes

You Won’t Expect This
You Won’t Expect This #thenewearth #newearth #earth #multidoimensional #dimension
Smooth DoubleB

Smooth DoubleB

0 likes

#batman is not the world’s greatest detective in fact he’s like the latest detective to find the guild. The world’s greatest detective is #detectivechimp #dccomics
Dan!

Dan!

3 likes

A Ben 10 gym audio for you. #fyp #gym #ben10 #ben10omniverse #audio
IzzyywiththeZ

IzzyywiththeZ

0 likes

The World’s Deadliest Assassin Disguised Himself as a Frail German Noble—and No One Suspected a Thing.
movie_belle004

movie_belle004

1 like

A person with long dark hair and a straw hat walks through a sunny public square. Overlay text reads "CYBERSECURITY CAREER Tips to get started," introducing advice for a career in cybersecurity.
A person in a white dress walks on a path next to green bushes. Overlay text advises to "Build a Strong Technical Foundation" by learning networking basics, operating systems, and scripting languages.
People walk across a street with benches and trees in the background. Overlay text suggests to "Get Hands-On Experience" through CTF competitions, cybersecurity challenges, and setting up a home lab.
Tips for pursuing a career in cybersecurity
1. Build a Strong Technical Foundation A solid understanding of systems, networks, and programming is essential for identifying and mitigating security threats. • Learn networking basics (e.g., TCP/IP, firewalls, VPNs). • Gain familiarity with operating systems (Windows, Linux)
vedha | career tips (tech) 👩‍

vedha | career tips (tech) 👩‍

137 likes

See more