Hackers are exploiting wireless technology to access Android users’ critical data, steal login credentials and drain bank accounts, according to cybersecurity researchers.
Analysts at Zimperium say over 760 malicious apps are exploiting NFC wireless technology to capture payment data during tap-to-pay transactions.
The apps masquerade as legitimate banking and government applications, tricking users into setting them as default NFC payment methods.
Once installed, they intercept credentials, card numbers, expiration dates and EMV fields, sending data to hackers who operate through private Telegram channels.
The campaign was initially discovered in April of 2024 and has expanded to target users in Russia, Poland, Czech Republic, Slovakia, and Brazil.
Impersonated institutions include major banks like Santander, VTB, Tinkoff, Promsvyazbank, Bradesco, and PKO Bank Polski.
The malicious apps send stolen data like card details and login credentials from victims’ phones to a network of over 70 command-and-control servers.
From there, dozens of automated Telegram bots handle the coordination, process incoming data, execute commands and manage the flow of operations across the campaign.
Follow us on X, Facebook and Telegram
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney
