Android users are increasingly being targeted by malware that steals their payment card details through tap-to-pay technology.
U.S. law enforcement is already making arrests and issuing warnings to banks about Android malware that steals data by tricking users into tapping their physical cards against their devices.
Now, the cybersecurity firm D3Lab says a fresh wave of attacks has been detected, with cyberthieves deploying tap-to-pay malware attacks against Italian and other European banks.
Users are often lured with urgent messages claiming they need to update their banking app, which leads them to download harmful software.
Once installed, the malware displays a fake verification screen and prompts the user to hold their real payment card near the phone. It reads the card information and PIN, then sends the stolen data to the attackers.
To stay ahead of detection, the criminals frequently change the fake websites, rotate which banks they pretend to represent, and use new hosting methods that are harder for authorities to shut down.
The technique works on Android because apps have greater access to the NFC chip, while Apple heavily restricts what third-party apps can do with NFC on iPhones.
In this latest wave, D3Lab says harmful files are now being stored and frequently updated on GitHub, the popular website normally used by programmers to share code. The attackers push out new versions often, using different bank names and technical tricks to avoid being blocked.
This constant adaptation allows the same type of card theft to continue reaching Android users despite ongoing security efforts.
Follow us on X, Facebook and TelegramGenerated Image: Midjourney