Cyble researchers have uncovered a new NFC relay attack campaign called “RelayNFC” targeting users in Brazil, which uses phishing sites to distribute an evasive malware that captures and relays payment card data. This sophisticated attack leverages real-time APDU relaying and WebSocket channels to execute full remote EMV transactions, highlighting the growing threat of NFC-based payment fraud. #RelayNFC #APDURelaying
Keypoints
- RelayNFC is a new highly evasive NFC relay malware targeting Brazilian users.
- The malware is distributed through five phishing websites in Portuguese.
- It captures payment card details and relays them in real-time to commit remote transactions.
- RelayNFC uses WebSocket-based APDU relays to emulate card-present payment flows.
- The campaign indicates a trend of increasing NFC relay attacks exploiting contactless payment systems.
Read More: https://thecyberexpress.com/new-nfc-relay-attack-campaign/