ThreatFabric
-
RatOn Android malware evolves into ATS-enabled remote access trojan, ThreatFabric says
ThreatFabric reports that RatOn has evolved from NFC relay attacks into an ATS-enabled Android remote access trojan, capable of automated cryptocurrency transfers, overlay ransomware-style screens, and NFC relay via NFSkate, with initial activity centered in the Czech Republic and Slovakia likely to follow.
-
Source-code leak exposes ERMAC Android banking trojan infrastructure, researchers say
The ERMAC Android banking trojan v3 source code was leaked online, exposing its backend, panel, and exfiltration infrastructure and signaling an expanded targeting scope of over 700 apps, along with notable operational security lapses that could invite further risk from other threat actors.
-
PhantomCard Android Trojan Uses NFC Relay to Enable Fraudulent Banking Transactions in Brazil
Authorities warn of PhantomCard, a new Android trojan that uses NFC relay technology to siphon card data and complete fraudulent banking transactions in Brazil. Distributed via fake card-protection apps on phishing pages, the threat is linked to a broader ecosystem of NFC fraud tools and a network of threat actors, underscoring rising global risk to…
