Hackers Draining Android Users’ Bank Accounts As Tap-to-Pay Malware Spreads: Report

Android users are increasingly being targeted by malware that steals their payment card details through tap-to-pay technology.
U.S. law enforcement is already making arrests and issuing warnings to banks about Android malware that steals data by tricking users into tapping their physical cards against their devices.
Now, the cybersecurity firm D3Lab says a fresh wave of attacks has been detected, with cyberthieves deploying tap-to-pay malware attacks against Italian and other European banks.
Users are often lured with urgent messages claiming they need to update their banking app, which leads them to download harmful software.
Once installed, the malware displays a fake verification screen and prompts the user to hold their real payment card near the phone. It reads the card information and PIN, then sends the stolen data to the attackers.
To stay ahead of detection, the criminals frequently change the fake websites, rotate which banks they pretend to represent, and use new hosting methods that are harder for authorities to shut down.
The technique works on Android because apps have greater access to the NFC chip, while Apple heavily restricts what third-party apps can do with NFC on iPhones.
In this latest wave, D3Lab says harmful files are now being stored and frequently updated on GitHub, the popular website normally used by programmers to share code. The attackers push out new versions often, using different bank names and technical tricks to avoid being blocked.
This constant adaptation allows the same type of card theft to continue reaching Android users despite ongoing security efforts.
Follow us on X, Facebook and Telegram
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any assets including cryptocurrencies, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney
The post Hackers Draining Android Users’ Bank Accounts As Tap-to-Pay Malware Spreads: Report appeared first on The Daily Hodl.
