PhantomCard is an Android trojan targeting banking customers in Brazil through NFC relay attacks. It relays NFC data from the victim's banking card to a fraudster's device. Distributed via fake apps like 'Proteção Cartões', it prompts users to place their card on their phone for verification. The malware captures card data and PINs, enabling cybercriminals to authenticate transactions as if they had physical access to the victim's card, creating a connection to PoS terminals or ATMs nearby.
PhantomCard relays NFC data from a victim's banking card to the fraudster's device as a part of a relay attack targeting banking customers in Brazil.
Once the app is installed, it requests victims to place their credit/debit card on the back of the phone to begin the verification process.
PhantomCard establishes a channel between the victim's physical card and the PoS terminal / ATM that the cybercriminal is next to.
The bogus pages feature deceptive positive reviews to persuade victims to install the app.
Collection
[
|
...
]