Chinese threat operations TX-NFC and NFU Pay have been leveraging APKs masquerading as banking and financial apps to spread the NFC-enabled Ghost Tap Android malware that pilfers credit card details in social engineering campaigns that were mostly aimed at Brazil, Italy, Malaysia, Turkey, Uzbekistan, Greece, and Indonesia. , according to GBHackers News.Installation of seemingly legitimate apps from illicit APK repositories allows Ghost Tap to ensure a relay mechanism between the targeted NFC-enabled device and the attacker-controlled command-and-control server, with the former serving as a reader device and the latter interacting with point-of-sale terminals, said Group-IB Threat Intelligence researchers in a series of posts on X, formerly Twitter.Such techniques have allowed attackers to make unwanted purchases and cash withdrawals worldwide without raising alarms. Increasingly prevalent exploitation of NFC relay technology should prompt improved mobile endpoint security, transaction tracking, and public awareness campaigns among financial organizations and payment processors.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




