NFC Traffic Stealer Targets Android Users & Their Banking Info
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Search across headline titles and summaries.
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
A new Android malware named NGate can steal money from payment cards by relaying to an attacker's device the data read by the near-field communication (NFC) chip. [...]
ESET claims new NGate Android malware relays NFC data to steal card details for ATM cash-out
Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from Android and iOS users. [...]
ESET detected a new phishing technique using progressive web applications (PWAs) as part of a large-scale mobile financial scam
Google will redact your credit card details, passwords and other sensitive information in Chrome when you're sharing or recording your screen on Android. [...]