Tag: nfc
-
NFC tappay gets tapped by hackers
AI was likely used: ESET researchers also spotted something unusual in the malware’s internals. Some traces suggested generative AI may have played a role in its development.Specifically, the injected malicious code contains emoji markers in debug logs, something more commonly associated with AI-generated output than human-written malware. The researchers noted that this isn’t definitive proof…
-
Neue NGate-Malware missbraucht HandyPay-App für NFC-Betrug
Sicherheitsforscher von ESET warnen vor einer Weiterentwicklung der NGate-Malware. Hacker nutzen eine manipulierte Version der seriösen App ‘HandyPay”, um kontaktlose Bezahldaten und PINs direkt von Android-Smartphones abzugreifen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ngate-malware-nfc-betrug
-
AI-Powered NGate Malware Evades Detection Inside NFC Payment Apps
A new NGate malware variant that hides inside a trojanized version of HandyPay, a legitimate NFC payment relay app for Android, to steal card data and PINs for ATM cash-outs and fraudulent payments. The injected code shows clear signs of being produced with generative AI, highlighting how low”‘skill actors can now weaponize NFC payment apps…
-
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate.”The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš…
-
NGate NFC malware targets Android users through trojanized payment app
NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/21/android-ngate-nfc-malware/
-
NGate Android malware uses HandyPay NFC app to steal card data
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ngate-android-malware-uses-handypay-nfc-app-to-steal-card-data/
-
PayPal launches latest struggle to get rid of SMS for MFA
Tags: authentication, ceo, ciso, communications, compliance, cybersecurity, email, finance, fraud, government, group, login, mfa, mobile, nfc, passkey, password, phishing, risk, service, strategy, switch, updateMuddled effort, mixed messages Flavio Villanustre, CISO for the LexisNexis Risk Solutions Group, says he’s “always found it odd” that PayPal still supports SMS as its primary secondary authentication factor.”Everyone in financial services and government has abandoned it for not being sufficiently secure and are moving to even phishing-resistant authentication, such as passkeys, Yubikeys,” he…
-
Ghost Tapped Turns Android Phones Into Fraud Payment Relays
Ghost Tapped is Android malware that abuses NFC to enable remote payment fraud without physical card access. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ghost-tapped-turns-android-phones-into-fraud-payment-relays/
-
Ghost-Tap Scam Makes Payments Scarier
The BBB warns of a rising ghost-tap scam exploiting tap-to-pay cards and mobile wallets. How attackers use NFC proximity tricks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ghost-tap-scam-makes-payments-scarier/
-
Ghost-Tap Scam Makes Payments Scarier
The BBB warns of a rising ghost-tap scam exploiting tap-to-pay cards and mobile wallets. How attackers use NFC proximity tricks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ghost-tap-scam-makes-payments-scarier/
-
Ghost-Tap Scam Makes Payments Scarier
The BBB warns of a rising ghost-tap scam exploiting tap-to-pay cards and mobile wallets. How attackers use NFC proximity tricks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ghost-tap-scam-makes-payments-scarier/
-
Android Apps misusing NFC and HCE to steal payment data on the rise
Zimperium zLabs found 760+ Android apps abusing NFC and HCE to steal payment data, showing a surge in NFC relay fraud since April 2024. Zimperium zLabs researchers spotted over 760 Android apps abusing Near-Field Communication (NFC) and Host Card Emulation (HCE) to steal payment data and commit fraud, showing rapid growth in NFC relay attacks…
-
Massive surge of NFC relay malware steals Europeans’ credit cards
Near-Field Communication (NFC) relay malware has grown massively popular in Eastern Europe, with researchers discovering over 760 malicious Android apps using the technique to steal people’s payment card information in the past few months. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-surge-of-nfc-relay-malware-steals-europeans-credit-cards/
-
Hackers Use NFC Relay Malware to Clone TapPay Android Transactions
A new investigation from mobile security firm Zimperium has revealed a fast-growing cybersecurity threat targeting Android users through… First seen on hackread.com Jump to article: hackread.com/nfc-relay-malware-clone-tap-to-pay-android/
-
NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details
Tags: android, attack, banking, credentials, cyber, cybercrime, finance, login, malicious, nfc, russia, technology, threatA sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed to steal banking credentials and facilitate fraudulent transactions. What initially appeared as isolated incidents in April 2024 has evolved into a large-scale threat operation targeting financial institutions across Russia, Poland,…
-
NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details
Tags: android, attack, banking, credentials, cyber, cybercrime, finance, login, malicious, nfc, russia, technology, threatA sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed to steal banking credentials and facilitate fraudulent transactions. What initially appeared as isolated incidents in April 2024 has evolved into a large-scale threat operation targeting financial institutions across Russia, Poland,…
-
New Smish: New York Department of Revenue
As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
-
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn evolved from a basic tool capable of conducting Near Field Communication (NFC) attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud.”RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,” the Dutch…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
âš¡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More
Power doesn’t just disappear in one big breach. It slips away in the small stuff”, a patch that’s missed, a setting that’s wrong, a system no one is watching. Security usually doesn’t fail all at once; it breaks slowly, then suddenly. Staying safe isn’t about knowing everything”, it’s about acting fast and clear before problems…