Cybersecurity researchers at ESET have uncovered a troubling new trend in cybercrime: hackers are now using AI-generated malware to intercept payments made through Near Field Communication (NFC)-enabled devices. This advanced malware is capable of relaying sensitive payment card data, carrying out fraudulent online purchases, and even enabling unauthorized withdrawals from Automated Teller Machines (ATMs). The discovery highlights how cybercriminals are rapidly adopting artificial intelligence to enhance both the scale and sophistication of their attacks.[1]
This development provides concrete evidence that threat actors are no longer limiting their use of artificial intelligence to traditional cyberattacks such as ransomware. While AI-powered ransomware like PromptLock has already demonstrated how systems can be scanned, locked, or have their data destroyed, criminals are now going a step further. By leveraging Generative Artificial Intelligence (GenAI), hackers are creating malicious software designed specifically to commit financial fraud, targeting digital payment systems that many people rely on daily.
Readers of Cybersecurity Insiders may recall that just a few months ago, ESET reported another alarming use of GenAI by cybercriminals. In that case, attackers were using AI tools to craft highly convincing phishing scams. These scams were made possible through the use of widely available open-source and commercial AI platforms such as Google Gemini, OpenAI’s ChatGPT, and Anthropic’s Claude. The ability of these tools to generate realistic language has made phishing attacks harder to detect, increasing the risk for both individuals and organizations.
Given the growing misuse of GenAI, incident response and cybersecurity teams must begin taking proactive measures to defend against these evolving threats. Basic security hygiene remains one of the most effective defenses. This includes keeping operating systems and applications fully updated, ensuring browsers are patched with the latest security fixes, deploying reputable endpoint protection solutions, and running automated system scans on a regular basis to detect suspicious activity early.
In addition to technical safeguards, employee training is equally important. Educating staff about emerging cyber threats, phishing techniques, and safe digital behavior can significantly reduce the likelihood of successful attacks. When users remain alert and informed, they become a strong first line of defense against AI-driven cybercrime, helping organizations stay resilient in an increasingly complex threat landscape.
AI-generated malware targeting NFC-enabled devices represents a significant evolution in cybercrime tactics. By leveraging sophisticated artificial intelligence algorithms, hackers can create malware that adapts rapidly, evades traditional security measures, and automates the theft of payment card data during contactless transactions. These malicious programs are often capable of learning from user behavior and system defenses, making them especially difficult to detect and prevent. As NFC technology becomes more widely adopted for digital payments, the risk posed by AI-powered malware continues to grow, underscoring the need for advanced security solutions and heightened awareness among consumers and organizations.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.cybersecurity-insiders.com/study-confirms-ai-generated-nfc-malware-has-emerged-as-a-new-cyber-threat/