Web Desk: Cybersecurity firm Kaspersky released new data on Wednesday revealing that cyberattacks targeting Android users through near-field communication technology surged by 188 percent during the first four months of 2026.
The company’s security solutions blocked approximately 35,600 attacks linked to Android malware families that abuse NFC functionality between January and April 2026. During the same period last year, security systems detected and blocked more than 12,300 such attacks, highlighting a sharp increase in cybercriminal activity.
Researchers identified several malware families behind the surge, including SuperCard X, PhantomCard, NGate, and multiple malicious variants of the NFCGate tool. Cybercriminals design these specific threats to steal banking information and facilitate fraudulent financial transactions through contactless payment technology.
According to the report, attackers primarily use two distinct methods to compromise devices. In the first method, known as Direct NFC, fraudsters contact victims through messaging platforms and persuade them to install malware disguised as legitimate financial applications. The attackers then convince users to tap their physical bank cards against the infected smartphone and enter their PIN codes, which allows the malicious software to capture sensitive card data.
The second method, called Reverse NFC, has become increasingly common among illicit networks. In this scheme, criminals trick victims into installing a malicious application and setting it as the default contactless payment service on their device. The infected phone then transmits an NFC signal that automated teller machines recognize as a scammer-controlled payment card. Victims subsequently deposit funds into the machine believing they are transferring money to a secure account, but the funds go directly to the criminals instead.
Security researchers warned that Reverse NFC attacks present a unique challenge because they are particularly difficult to detect. Since the victims themselves authorize the transactions, the fraudulent transfers appear entirely legitimate to banking security protocols.
This warning arrives as contactless payments and digital financial services continue to gain rapid popularity worldwide, including in developing digital markets like Pakistan. Growing smartphone adoption and increased reliance on mobile banking applications have expanded the potential target base for cybercriminals seeking to exploit unsuspecting users.
In response to the growing threat, cybersecurity experts advise consumers to avoid downloading applications from unofficial sources entirely. They also urge the public to remain cautious of unsolicited messages involving banking services, and warn users to never follow instructions from unknown individuals regarding financial transactions or ATM operations. Finally, researchers encourage users to keep their mobile operating systems updated and deploy trusted mobile security solutions to reduce the risk of compromise.
Read more: Driverless public transport could soon be everywhere
