Over 760 Android apps are abusing NFC and HCE to steal payment data, targeting global banks and payment systems since April 2024. These malicious applications operate via remote command-and-control servers and Telegram bots, making detection challenging. #NFCRelayAttacks #AndroidThreats
Keypoints
- Over 760 Android apps are abusing NFC and HCE to steal payment data.
- The attacks target banks, payment services, and government portals worldwide.
- Malicious apps impersonate trusted institutions and exfiltrate data via Telegram channels.
- Operators remotely control the malware through command-and-control servers and Telegram bots.
- The rapid growth of βTap-to-Payβ transactions makes NFC a lucrative target for cybercriminals.