RelayNFC Malware Targets Mobile Payment Users

Cyble Research and Intelligence Labs (CRIL) has identified a new NFC relay malware campaign targeting mobile payment users. The malware, named RelayNFC, turns a victim's Android device into a remote card reader, enabling attackers to perform fraudulent contactless transactions. The malware is distributed through phishing sites and captures card data and PINs, relaying them to an attacker-controlled server. RelayNFC uses a real-time APDU relay channel and has zero detections on VirusTotal, indicating low visibility across security tools.

Latest mentioned: 11-26

Earliest mentioned: 11-25

Sources

thecyberexpress.com securityonline.info

Also Read

RomCom Malware Targets Engineering Firm via SocGholish

The RomCom malware group targeted a civil engineering company using the SocGholish JavaScript loader to deliver the Mythic Agent. This marks the first observed instance of RomCom using SocGholish for distribution. The attack, attributed to a military unit, aimed at entities with ties to a specific region. The infection chain involved fake browser updates and a custom Python backdoor, highlighting the blend of cybercrime and espionage tactics.

11-26Read more →