VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

NGate: Trojanized HandyPay in Brazil Steals NFC Data and PINs for Card Thefts

NGate: троянская версия HandyPay в Бразилии ворует NFC-данные и PIN для краж с карт

Colleagues, a cybersecurity alert: a campaign named NGate has been discovered — a trojanized version of HandyPay targeting users in Brazil.

- ESET reports attackers modified HandyPay by embedding malicious code, likely with LLM assistance.
- A module intercepts card NFC data and entered PINs, exfiltrates them to a C2 server, enabling cash-outs and unauthorized payments.
- Distribution via fake websites (masquerading as the Rio de Prêmios lottery) and counterfeit pages; the app requests to become the default payment app and to enter the PIN.

Why this matters: the rise of NFC fraud and the use of generative AI amplify risks to users and business processes.

Which measures do you consider priorities to protect cards and users?

#cybersecurity #NFC #mobilesecurity #finsecurity

Latest comments

No comments yet.