NFC Security | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. "PhantomCard relays NFC data from a victim's banking card to the fraudster's device," ThreatFabric said in a report. "PhantomCard is based on Chinese-originating NFC relay malware-as-a-service." The Android malware, distributed via fake Google Play web pages mimicking apps for card protection, goes by the name "Proteção Cartões" (package name "com.nfupay.s145" or "com.rc888.baxi.English"). The bogus pages also feature deceptive positive reviews to persuade victims into installing the app. It's currently not known how links to these pages are distributed, but it likely involves smishing or a similar social engineering technique. Once the app is installed and opened, it requests victim...