← Back to Pulse Feed
PULSE DETAIL
DevilNFC is an Android-based malware capable of intercepting contactless card communications from infected devices. It can capture payment credentials and harvest user PINs, leading to unauthorized financial fraud and global ATM cash-outs.
Indicators of Compromise (13)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | nfcrackatm.com | — | 2026-05-22 | |
| domain | spicynagets.shop | — | 2026-05-22 | |
| FileHash-MD5 | 35dd9c3a56e88a39bf6c8fdad46b0398 | MD5 of 995d9bc4e736873e967ca169e1fe2cc38182508a463fbe5c2c2f9b666b7df8ce | 2026-05-22 | |
| FileHash-MD5 | 9d19527aeb4cabfb40bbaea6d73b5ff0 | MD5 of e8eb9fb8792c468b7b6e65e096207e9b49311d09f8dc440602ab2654bb68bd64 | 2026-05-22 | |
| FileHash-MD5 | caa5e8cf3275339d251210072ebe88c2 | MD5 of 05417b82e39c76b0d2582709ff2d643c348837d0434c842d6d80da31e816210a | 2026-05-22 | |
| FileHash-SHA1 | 48a07ac2a18ea702a28e2bdd1a69cbc5fe2e03a7 | SHA1 of e8eb9fb8792c468b7b6e65e096207e9b49311d09f8dc440602ab2654bb68bd64 | 2026-05-22 | |
| FileHash-SHA1 | 7847bf366f1ae8a7dd66617479d8d0e6d9bd0afd | SHA1 of 995d9bc4e736873e967ca169e1fe2cc38182508a463fbe5c2c2f9b666b7df8ce | 2026-05-22 | |
| FileHash-SHA1 | 89b12465982518e93596bbbb3986652d7cb76702 | SHA1 of 05417b82e39c76b0d2582709ff2d643c348837d0434c842d6d80da31e816210a | 2026-05-22 | |
| FileHash-SHA256 | 05417b82e39c76b0d2582709ff2d643c348837d0434c842d6d80da31e816210a | — | 2026-05-22 | |
| FileHash-SHA256 | 995d9bc4e736873e967ca169e1fe2cc38182508a463fbe5c2c2f9b666b7df8ce | — | 2026-05-22 | |
| FileHash-SHA256 | e8eb9fb8792c468b7b6e65e096207e9b49311d09f8dc440602ab2654bb68bd64 | — | 2026-05-22 | |
| IPv4 | 185.203.116.18 | CC=BG ASN=AS44901 belcloud ltd | 2026-05-22 | |
| IPv4 | 47.253.167.219 | CC=US ASN=AS45102 alibaba (us) technology co. ltd. | 2026-05-22 |