Android 10 vulnerability allow apps to read contactless payment card and sent the captured data to other phone that will make an payment

  • Android 10 Hack allow apps to capture NFC and RFID card from wallets

    The malicious code can perform 2 type of copying and cloning contactless cards.

    • The code can run inside of other apps and scan the environment every 5 min if something is found the cards info are store and prepare for the payment moment

    • The malicious code run from other phone targeting specific cards

    The captured data is sent through live socket to other app that can performs an payment.

    How it is works, to perform an payment the bad guys need 2 android phones with Android 10 - Operating system installed. One guy will stay in the store cash register ready to pay and other in the same time was 30 seconds to scan wallets with his phone.

    Here are the apps:
    ANDROID 10 - NfcProvisioning

Login in your account to Start Chat