NFCShare Android malware spreads via fake banking app updates on GitHub
New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub, according to BleepingComputer. The malware, which targets Android devices, is disguised as updates for banking applications and is hosted on GitHub repositories. Once installed, NFCShare can steal NFC (Near Field Communication) data and intercept SMS messages, enabling attackers to bypass two-factor authentication (2FA) and gain unauthorized access to bank accounts. The malware specifically targets banking apps and can capture NFC transaction data, potentially allowing attackers to clone contactless payment cards. The campaign highlights the risk of downloading updates from unofficial sources, even when hosted on legitimate platforms like GitHub. Users are advised to only download banking app updates from official app stores or directly from the bank's website.
Developers must verify the authenticity of any third-party code or updates hosted on platforms like GitHub.