Tag: nfc
-
New Ghost-Tapping Attacks Target Apple Pay and Google Pay Users’ Linked Cards
Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay and Google Pay. This attack vector involves relaying stolen payment card credentials from compromised devices to mules’ burner phones, enabling…
-
ReVault flaws let attackers bypass Windows login or place malware implants on Dell laptops
Planting implants: An investigation by Cisco Talos uncovered two out-of-bounds vulnerabilities (CVE-2025-24311, CVE-2025-25050) an arbitrary free (CVE-2025-25215) and a stack-overflow flaw (CVE-2025-24922), all affecting the ControlVault firmware.The same researchers also discovered an unsafe deserialization flaw (CVE-2025-24919) affecting ControlVault’s Windows APIs. This vulnerability makes it possible to trigger arbitrary code execution on the ControlVault firmware, allowing…
-
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN.The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per the…
-
ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments
ESET researchers have uncovered a sophisticated attack vector exploiting Near Field Communication (NFC) data, initially targeting Czech banking customers but now spreading worldwide. According to the ESET Threat Report H1 2025, the incidence of NFC-related attacks has skyrocketed, with telemetry data showing a staggering 35-fold increase in the first half of 2025 compared to the…
-
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.”Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT…
-
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.”Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT…
-
Russia detects first SuperCard malware attacks skimming bank data via NFC
Malware detected previously in Italy has popped up in Russia, researchers said. Attackers use it to access devices’ near field communications (NFC) and steal payment card data. First seen on therecord.media Jump to article: therecord.media/supercard-nfc-banking-malware-russia
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43
Tags: attack, backdoor, botnet, china, crypto, fraud, infrastructure, international, malware, nfc, rust, supply-chainSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP supply chain attack: Official NPM package infected with crypto stealing backdoor SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation New Rust Botnet >>RustoBot
-
NFC-Powered Android Malware Enables Instant Cash-Outs
Researchers at security vendor Cleafy detailed a malware known as SuperCard X that uses the NFC reader on a victim’s own phone to steal credit card funds instantly. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/nfc-android-malware-instant-cash-outs
-
How NFC-Enabled POS Terminals Facilitate Cybercriminal Money Laundering Chains
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/how-nfc-enabled-pos-terminals-facilitate-cybercriminal-money-laundering-chains
-
Hackers Conceal NFC Carders Behind Apple Pay and Google Wallet
Tags: apple, cyber, cybercrime, exploit, finance, fraud, google, hacker, mobile, nfc, password, technology, vulnerabilityIn a disturbing evolution of financial fraud, cybercriminals are leveraging advanced techniques to exploit mobile payment systems such as Apple Pay and Google Wallet. Once reliant on magnetic stripe card cloning, fraudsters have adapted to breakthroughs in card security technology like chip cards and one-time passwords, exploiting vulnerabilities in contactless payments and digital wallets. By…
-
Breaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key
Tags: access, authentication, cloud, compliance, control, credentials, data, defense, encryption, fido, framework, government, healthcare, identity, infrastructure, mobile, nfc, password, phishing, regulation, service, software, strategy, technology, windowsBreaking the Barriers to a Password-Free Life in Enterprise: Meet SafeNet eToken Fusion NFC PIV security key madhav Thu, 03/13/2025 – 06:46 As large organizations increasingly shift towards passwordless solutions, the benefits are clear: enhanced user experience, improved security, and significant cost savings. The FIDO (Fast Identity Online) standard has emerged as the gold standard…
-
Yubico ermöglicht NFC-basierte passwortlose Authentifizierung bei Microsofts Surface Pro 10
Unternehmen können die Vorteile der langjährigen Zusammenarbeit zwischen Microsoft und Yubico nutzen, indem Sie YubiKeys zusammen mit dem neuen Surfac… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/yubico-ermoeglicht-nfc-basierte-passwortlose-authentifizierung-bei-microsofts-surface-pro-10/a36945/
-
Novel NFC-exploiting Ghost Tap attack technique gains traction
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-nfc-exploiting-ghost-tap-attack-technique-gains-traction
-
>>Ghost Tap<< Emerges: Cybercriminals Exploit NFC Relay for Contactless Cash-Outs
ThreatFabric reveals a new tactic allowing fraudsters to anonymously drain stolen credit cards linked to mobile wallets. A new and concerning trend in financial cybercrime has surfaced, dubbed >>Ghost Tap
-
How to Motivate Employees and Stakeholders to Encourage a Culture of Cybersecurity
Cybersecurity impacts us all. Third parties process and handle data every day, whether they’re tapping your phone to pay via near-field communication (NFC) or processing a transaction while you pay your utility bill online. The importance of keeping your data private is growing every day: worldwide, “‹”‹cybercrime costs are expected to hit $10.5 trillion annually……
-
Criminals ‘Ghost Tap’ NFC for Payment Cash-Out Attacks
Tactic Uses Stolen Cards Added to Apple Pay and Google Pay Digital Wallets. Criminals have been caught tapping a new type of relay attack to cash-out stolen payment cards added to legitimate digital wallets. These criminals use money mules who carry an Android device able to capture and relay NFC communications used by ATMs to…
-
New Ghost Tap attack abuses NFC mobile payments to steal money
Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed ‘Ghost Tap,’ which relays NFC card data to money mules worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ghost-tap-attack-abuses-nfc-mobile-payments-to-steal-money/
-
Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim’s funds at scale.The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic.”Criminals can now misuse…
-
NGate: Neue Android-Malware, die NFC-Daten abgreift
First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/malware/ngate-neue-android-malware-die-nfc-daten-abgreift-300532.html
-
NGate: Eset entdeckt neuen Betrug bei beliebter NFC-Technologie
Drahtloses Bezahlen mit Karte oder Smartphone ist beliebt. Werden plötzlich hohe Beträge vom Konto abgebucht, könnte NGate im Spiel sein eine neue And… First seen on crn.de Jump to article: www.crn.de/news/4350442/ngate-eset-entdeckt-neuen-betrug-bei-beliebter-nfc-technologie
-
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
Cybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from physical credit and debit cards to … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html
-
NFC Traffic Stealer Targets Android Users & Their Banking Info
First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/nfc-traffic-stealer-targets-android-users-and-their-banking-info
-
Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)
A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The … First seen on techrepublic.com Jump to article: www.techrepublic.com/article/cybercriminals-stealing-nfc-data/
-
NFC-Malware leert Bankkonten
Phishing und Malware kombiniert ein Angreifer, um Geldautomaten Bankkarten vorzuspielen und per NFC Geld abzuheben. Beobachtet wurde das in Tschechien… First seen on heise.de Jump to article: www.heise.de/news/NFC-Malware-leert-tschechische-Bankkonten-9848256.html
-
Novel Android Malware Steals Card NFC Data For ATM Withdrawals
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-malware-steals-card-nfc/
-
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/22/android-malware-nfc-data-atm-withdrawals/
-
New NGate Android malware uses NFC chip to steal credit card data
A new Android malware named NGate can steal money from payment cards by relaying to an attacker’s device the data read by the near-field communication… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/