Zimperium zLabs discovered over 760 Android apps misusing NFC and HCE to steal payment data, with a notable increase in attacks since April 2024. These malicious apps impersonate trusted institutions and operate through a command-and-control system, making detection difficult. Financial institutions and users need to be wary of unfamiliar apps requesting NFC access.

A new report from Zimperium reveals a rise in NFC relay malware targeting Android users' tap-to-pay systems. Over 760 malicious apps have been found that impersonate legitimate banking applications to steal payment data and facilitate fraud. Users are advised to download apps only from the Google Play Store and stay vigilant against unknown payment requests.