New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have uncovered PhantomCard, an Android trojan that exploits NFC relay attacks to facilitate fraudulent transactions targeting banking customers in Brazil. The malware, distributed via fake banking apps on Google Play, relays card data and PINs to cybercriminals, highlighting the global threat from Chinese-origin NFC malware-as-a-service. #PhantomCard #NFCrelay #BrazilianBanks

Keypoints

PhantomCard uses NFC relay attacks to steal card details and PINs from Android devices.
The malware is distributed through counterfeit banking apps with fake reviews on Google Play.
The threat actor behind PhantomCard operates on Telegram and offers it as a malware-as-a-service.
Similar NFC relay tools like SuperCard X and KingNFC are available in underground markets.
The rise of NFC fraud complicates financial security in regions like Brazil and Southeast Asia.

SHARE THIS STORY

WhatsApp X (Twitter)Telegram Bluesky Facebook LinkedIn Threads Email Print