Android malware turns phones into malicious tap-to-pay machines


Got an Android phone? Got a tap-to-pay card? Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker.

A newly discovered malicious program effectively turns Android phones into malicious tap machines that vacuum up payment card data and send it to cybercriminals half a world away. All you have to do is install the software and tap your card to your phone – and criminals excel at persuading you to do just that. The malware, which cybersecurity company Cleafy calls SuperCard X, uses a feature now found in most Android phones: near-field communication (NFC).

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • Bank of America Customers Under Attack, Phishing Site Hosted on Russian Server

    July 24, 2017

    You might be tempted to believe that hackers are getting tired of using phishing scams to target bank clients across the globe, but as Bank of America customers might find out the hard way, this doesn’t seem to be the case just yet. HackRead has come across a new major phishing attack aimed at BoA clients, ...

  • Massive blow to criminal Dark Web activities after globally coordinated operation

    July 20, 2017

    Two major law enforcement operations, led by the Federal Bureau of Investigation (FBI), the US Drug Enforcement Agency (DEA) and the Dutch National Police, with the support of Europol, have shut down the infrastructure of an underground criminal economy responsible for the trading of over 350 000 illicit commodities including drugs, firearms and cybercrime malware. ...

  • Hacker Uses A Simple Trick to Steal $7 Million Worth of Ethereum Within 3 Minutes

    July 17, 2017

    All it took was just 3 minutes and ‘a simple trick‘ for a hacker to steal more than $7 Million worth of Ethereum in a recent blow to the crypto currency market. The heist happened after an Israeli blockchain technology startup project for the trading of Ether, called CoinDash, launched an Initial Coin Offering (ICO), allowing ...

  • Two New Platforms Found Offering Cybercrime-as-a-Service to ‘Wannabe Hackers’

    July 14, 2017

    Cybercrime has continued to evolve and today exists in a highly organised form. Cybercrime has increasingly been commercialised, and itself become big business by renting out an expanded range of hacking tools and technologies, from exploit kits to ransomware, to help anyone build threats and launch attacks. In past few years, we have witnessed the increase in ...

  • Hackers Attack Trump Hotels, Steal Credit Card Details and Personal Data

    July 12, 2017

    Hackers breached the systems used by 14 different Trump Hotels properties between August 10, 2016 and March 9, 2017, managing to steal sensitive information like guests’ credit card details and other personal information. In a 9-page notification published on the official page, Trump Hotels informs customers that hackers managed to breach the systems of Sabre Hospitality ...

  • Duma passes bill on protection of Russian state data networks

    July 12, 2017

    Russia’s lower house has approved a bill that defines which of the country’s informational infrastructure is to be considered critical, while setting a maximum sentence of 10 years imprisonment for hackers that attack it. In the final draft of the bill published on the State Duma’s website, critical informational infrastructure is defined as data systems and ...