{"id":51987,"date":"2026-04-23T18:30:25","date_gmt":"2026-04-23T18:30:25","guid":{"rendered":"https:\/\/www.europesays.com\/sk\/51987\/"},"modified":"2026-04-23T18:30:25","modified_gmt":"2026-04-23T18:30:25","slug":"ngate-je-spat-hackeri-nasli-novu-cestu-ako-ti-vybielit-bankovy-ucet-toto-je-ich-modus-operandi-vosveteit-sk","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/sk\/51987\/","title":{"rendered":"NGate je sp\u00e4\u0165: Hackeri na\u0161li nov\u00fa cestu, ako ti vybieli\u0165 bankov\u00fd \u00fa\u010det. Toto je ich modus operandi | Vosveteit.sk"},"content":{"rendered":"

Kyberzlo\u010dinci op\u00e4\u0165 upravili taktiku a pri\u0161li s novou verziou malv\u00e9ru NGate<\/a>. Tentoraz nesiahli po zn\u00e1mych n\u00e1strojoch, ale zobrali legit\u00edmnu aplik\u00e1ciu a potichu ju prerobili na nebezpe\u010dn\u00fd n\u00e1stroj. V\u00fdskumn\u00edci z ESET<\/a> odhalili, \u017ee \u00fato\u010dn\u00edci zneu\u017eili Android aplik\u00e1ciu HandyPay, ktor\u00e1 p\u00f4vodne sl\u00fa\u017eila na prenos NFC d\u00e1t medzi zariadeniami.<\/p>\n

\u00datok stoj\u00ed na tom, \u017ee aplik\u00e1cia p\u00f4sob\u00ed d\u00f4veryhodne a rob\u00ed presne to, \u010do m\u00e1, len popri tom kradne tvoje citliv\u00e9 \u00fadaje. \u00dato\u010dn\u00edci do nej pridali \u0161kodliv\u00fd k\u00f3d, ktor\u00fd preniesol \u00fadaje z tvojej platobnej karty priamo k nim. N\u00e1sledne ich vyu\u017eili napr\u00edklad na bezkontaktn\u00e9 v\u00fdbery z bankomatov alebo platby bez tvojho vedomia.<\/p>\n

<\/p>\n

<\/p>\n

Odoberaj Vosveteit.sk cez Telegram a prihl\u00e1s sa k odberu spr\u00e1v
\n <\/a><\/p>\n

V\u00fdskumn\u00edci upozornili aj na zauj\u00edmav\u00fd detail. V k\u00f3de sa objavili prvky, ktor\u00e9 pripom\u00ednaj\u00fa v\u00fdstupy umelej inteligencie.<\/a><\/p>\n

\u201eV logoch sme na\u0161li emoji, ktor\u00e9 s\u00fa typick\u00e9 pre text generovan\u00fd AI,\u201c uviedol jeden z analytikov.<\/p>\n

To nazna\u010dilo, \u017ee \u00fato\u010dn\u00edci si pomohli modern\u00fdmi n\u00e1strojmi, ktor\u00e9 im v\u00fdrazne u\u013eah\u010dili pr\u00e1cu.<\/p>\n

Takto sa malv\u00e9r \u0161\u00edri medzi zariadeniami<\/p>\n

Hackersk\u00e1 kampa\u0148 od\u0161tartovala v Braz\u00edlii od konca roka 2025, no u\u017e sa stihla roz\u0161\u00edri\u0165 aj do \u010fal\u0161\u00edch kraj\u00edn, vr\u00e1tane Eur\u00f3py. \u00dato\u010dn\u00edci vyu\u017e\u00edvaj\u00fa dva hlavn\u00e9 sp\u00f4soby \u0161\u00edrenia. Prv\u00fd p\u00f4sob\u00ed ako l\u00e1kav\u00e1 v\u00fdhra v lot\u00e9rii. Pou\u017e\u00edvate\u013e si \u201ezo\u0161krabal\u201c tiket, ktor\u00fd v\u017edy uk\u00e1zal rovnak\u00fd v\u00fdsledok, vysok\u00fa finan\u010dn\u00fa odmenu. N\u00e1sledne ho str\u00e1nka presmerovala na WhatsApp, kde mal kontaktova\u0165 organiz\u00e1tora.<\/p>\n

Neprehliadni
\n <\/p>\n

\"Tvoje\"Tvoje <\/p>\n

\n\t\t\t\t\tPopul\u00e1rna spravodajsk\u00e1 aplik\u00e1cia pre iOS a Android dostala ve\u013ek\u00fa aktualiz\u00e1ciu. Pribudlo mno\u017estvo nov\u00fdch funkci\u00ed, ktor\u00e9 mus\u00ed\u0161 vysk\u00fa\u0161a\u0165 <\/p>\n

<\/a><\/p>\n

\"Nov\u00e1\"Nov\u00e1Zdroj: ESET<\/a><\/p>\n

Druh\u00fd scen\u00e1r p\u00f4sobil e\u0161te d\u00f4veryhodnej\u0161ie. \u00dato\u010dn\u00edci vytvorili falo\u0161n\u00fa str\u00e1nku, ktor\u00e1 napodobnila Google Play<\/a>. Na nej pon\u00fakli aplik\u00e1ciu s n\u00e1zvom \u201eOchrana karty\u201c. Pou\u017e\u00edvate\u013e si ju musel stiahnu\u0165 manu\u00e1lne, \u010d\u00edm obi\u0161iel \u0161tandardn\u00fa ochranu syst\u00e9mu.<\/p>\n

\"Nov\u00e1\"Nov\u00e1Zdroj: ESET<\/a><\/p>\n

Aplik\u00e1cia sa nikdy nenach\u00e1dzala v ofici\u00e1lnom obchode. Ak si ju nain\u0161taloval, musel si najprv povoli\u0165 in\u0161tal\u00e1ciu z nezn\u00e1mych zdrojov, \u010do\u00a0\u00fato\u010dn\u00edci vyu\u017eili.<\/p>\n

Po nain\u0161talovan\u00ed aplik\u00e1cia po\u017eiadala o nastavenie ako predvolen\u00fd n\u00e1stroj na bezkontaktn\u00e9 platby. Tento krok nep\u00f4sobil podozrivo, ke\u010f\u017ee ide o legit\u00edmnu funkciu HandyPay. N\u00e1sledne \u0165a vyzvala na zadanie PIN k\u00f3du karty a prilo\u017eenie karty k telef\u00f3nu. V tej chv\u00edli u\u017e prebehol cel\u00fd \u00fatok.<\/p>\n

Aplik\u00e1cia okam\u017eite preniesla NFC<\/a> d\u00e1ta z tvojej karty na zariadenie \u00fato\u010dn\u00edka. Ten si ich ulo\u017eil a mohol ich pou\u017ei\u0165 prakticky okam\u017eite. Z\u00e1rove\u0148 sa PIN k\u00f3d odoslal na riadiaci server. \u00dato\u010dn\u00edci tak z\u00edskali kompletn\u00fd pr\u00edstup k tvojej karte.<\/p>\n

\u201eMalv\u00e9r nevy\u017eadoval \u017eiadne \u010fal\u0161ie povolenia, \u010do mu pomohlo zosta\u0165 nen\u00e1padn\u00fd,\u201c upozornili v\u00fdskumn\u00edci: \u201ePr\u00e1ve toto rob\u00ed \u00fatok nebezpe\u010dnej\u0161\u00edm. Pou\u017e\u00edvate\u013e nevidel ni\u010d podozriv\u00e9, aplik\u00e1cia fungovala presne tak, ako o\u010dak\u00e1val.\u201c<\/p>\n

Kampa\u0148 s\u00edce prebehla na Androide, no ohrozen\u00e9 s\u00fa aj Apple zariadenia<\/p>\n

Na prv\u00fd poh\u013ead sa m\u00f4\u017ee zda\u0165, \u017ee ide \u010disto o probl\u00e9m Androidu. To v\u0161ak nie je \u00faplne presn\u00e9. Tento konkr\u00e9tny \u00fatok cielil na Android najm\u00e4 preto, \u017ee umo\u017enil in\u0161tal\u00e1ciu aplik\u00e1ci\u00ed mimo ofici\u00e1lneho obchodu. Samotn\u00fd princ\u00edp \u00fatoku v\u0161ak stoj\u00ed na technol\u00f3gii NFC. T\u00e1 funguje rovnako bez oh\u013eadu na platformu.<\/p>\n

\"hacker\"hackerZdroj: Melnikov Dmitriy \/ shutterstock.com a Valery Brozhinsky \/ shutterstock.com, kol\u00e1\u017e Vosveteit.sk<\/p>\n

\u00dato\u010dn\u00edci nezneu\u017eili chybu v syst\u00e9me, ale vlastnos\u0165 protokolu. NFC nevie rozl\u00ed\u0161i\u0165, \u010di m\u00e1 kartu p\u00e1r centimetrov od termin\u00e1lu, alebo \u010di sa d\u00e1ta preniesli cez internet na druh\u00e9 zariadenie.<\/p>\n

\u201eProtokol jednoducho nepozn\u00e1 vzdialenos\u0165, pracuje len s d\u00e1tami,\u201c vysvet\u013euj\u00fa bezpe\u010dnostn\u00ed experti: \u201ePr\u00e1ve preto sa podobn\u00e9 \u00fatoky teoreticky dali aplikova\u0165 aj inde, hoci praktick\u00e1 realiz\u00e1cia z\u00e1vis\u00ed od konkr\u00e9tnych obmedzen\u00ed syst\u00e9mu.\u201c<\/p>\n

D\u00f4le\u017eit\u00fa \u00falohu zohrala aj psychol\u00f3gia. Falo\u0161n\u00e1 v\u00fdhra nebola len n\u00e1vnada, ale k\u013e\u00fa\u010dov\u00fd moment cel\u00e9ho \u00fatoku. Ke\u010f si pou\u017e\u00edvate\u013e myslel, \u017ee vyhral desiatky tis\u00edc, mozog sa s\u00fastredil na odmenu. Varovania syst\u00e9mu vn\u00edmal sk\u00f4r ako prek\u00e1\u017eku ne\u017e ochranu. \u00dato\u010dn\u00edci tak vyu\u017eili tzv. tunelov\u00e9 videnie, ktor\u00e9 v\u00fdrazne zn\u00ed\u017eilo opatrnos\u0165 obete.<\/p>\n

Bezpe\u010dnostn\u00ed analytici varuj\u00fa, \u017ee sa nesta\u010d\u00ed len vyh\u00fdba\u0165 neofici\u00e1lnym aplik\u00e1ci\u00e1m. NFC maj zapnut\u00e9 len vtedy, ke\u010f ho re\u00e1lne pou\u017e\u00edva\u0161. V\u00e4\u010d\u0161ina telef\u00f3nov umo\u017e\u0148uje r\u00fdchle vypnutie priamo v hornom paneli. \u010eal\u0161\u00ed d\u00f4le\u017eit\u00fd krok je aj nastavenie limitov na karte. Ni\u017e\u0161\u00ed limit pre bezkontaktn\u00e9 platby alebo vypnutie NFC v\u00fdberov z bankomatu m\u00f4\u017ee v\u00fdrazne obmedzi\u0165 \u0161kody. Niektor\u00e9 banky t\u00fato mo\u017enos\u0165 pon\u00fakaj\u00fa priamo v aplik\u00e1cii.<\/p>\n

Ochr\u00e1ni\u0165 sa m\u00f4\u017ee\u0161 aj fyzicky. Tieniace pe\u0148a\u017eenky s\u00edce tento konkr\u00e9tny \u00fatok nezastavia, ke\u010f\u017ee vy\u017eaduje tvoju interakciu, ale ochr\u00e1nia kartu pred n\u00e1hodn\u00fdm na\u010d\u00edtan\u00edm v be\u017en\u00fdch situ\u00e1ci\u00e1ch.<\/p>\n


\n
\n
\n
\n
\n
\n P\u00e1\u010dil sa v\u00e1m \u010dl\u00e1nok? Sledujte n\u00e1s na Facebooku
\n
\n <\/a> <\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"Kyberzlo\u010dinci op\u00e4\u0165 upravili taktiku a pri\u0161li s novou verziou malv\u00e9ru NGate. Tentoraz nesiahli po zn\u00e1mych n\u00e1strojoch, ale zobrali…\n","protected":false},"author":2,"featured_media":8402,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[9278,15208,33,21263,21264,21265,16586,229,43,40,42,36,50,3211,49,48,10086],"class_list":{"0":"post-51987","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-svet","8":"tag-eset","9":"tag-malver","10":"tag-news","11":"tag-nfc","12":"tag-ngate","13":"tag-platobna-aplikacia","14":"tag-platobne-udaje","15":"tag-problem","16":"tag-sk","17":"tag-slovak","18":"tag-slovencina","19":"tag-spravy","20":"tag-svet","21":"tag-technologia","22":"tag-world","23":"tag-world-news","24":"tag-zneuzitie"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@sk\/116455448907722887","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/posts\/51987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/comments?post=51987"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/posts\/51987\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/media\/8402"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/media?parent=51987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/categories?post=51987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/sk\/wp-json\/wp\/v2\/tags?post=51987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}