NFC relay malware infects Android devices predominantly in Eastern Europe, hijacking contactless payment data and emulating EMV fields to authorize transactions fraudulently. Over 760 malicious apps are currently exploiting this technique, highlighting its rapid growth and widespread impact.
Key points
- Many Android apps are using NFC relay techniques to steal payment information in Eastern Europe.
- The malware exploits Android’s Host Card Emulation (HCE) to manipulate contactless payment data.
- Attack variants include data exfiltration, relay toolkits, ghost-tap payments, and fake banking apps.
- Campaigns are expanding across regions like Russia, Poland, and the Czech Republic.
- Users are advised to avoid installing APKs from untrusted sources and disable NFC when not in use.