TLDR
Fake Banking App Updates Hide NFCShare Malware A new wave of NFCShare Android malware is being distributed through repositories on GitHub that impersonate updates for legitimate banking apps. Unsuspecting users searching for app updates or...
How it works
Fake Banking App Updates Hide NFCShare Malware A new wave of NFCShare Android malware is being distributed through repositories on GitHub that impersonate updates for legitimate banking apps. Unsuspecting users searching for app updates or...
Red flags
- Banking app update offered via GitHub link or APK download rather than the Google Play Store or your bank's official site Permissions request that includes NFC access on an app that has no business reading your contactless card data New or unknown repository asking you to enable "Install unknown apps" before the install can proceed
What to do
- 1Red flags Banking app update offered via GitHub link or APK download rather than the Google Play Store or your bank's official site Permissions request that includes NFC access on an app that has no business reading your contactless card data New or unknown repository asking you to enable "Install unknown apps" before the install can proceed What to do Only update banking apps through the Google Play Store or your bank's verified website Never enable installation from unknown sources just to install a single update If you already sideloaded a suspect APK, uninstal
Source
bleepingcomputer
Source reviewed by Mythos Forensic Team
https://www.bleepingcomputer.com/news/security/nfcshare-android-malware-spreads-via-fake-banking-app-updates-on-github/FAQ
Is Android NFCShare malware spreads as fake banking app updates on GitHub a real scam pattern?
Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.
What are the first warning signs?
Banking app update offered via GitHub link or APK download rather than the Google Play Store or your bank's official site Permissions request that includes NFC access on an app that has no business reading your contactless card data New or unknown repository asking you to enable "Install unknown apps" before the install can proceed
What should I do first?
Red flags Banking app update offered via GitHub link or APK download rather than the Google Play Store or your bank's official site Permissions request that includes NFC access on an app that has no business reading your contactless card data New or unknown repository asking you to enable "Install unknown apps" before the install can proceed What to do Only update banking apps through the Google Play Store or your bank's verified website Never enable installation from unknown sources just to install a single update If you already sideloaded a suspect APK, uninstal
Can LegalAudit check my case?
Yes. Start a free chat and paste the message, link, sender, or payment details for triage.