A new malware-as-a-service (MaaS) dubbed ‘SuperCard X’ is targeting Android devices via NFC relay attacks to enable fraudulent POS and ATM transactions. Promoted through Telegram channels, the hackers use social engineering to coax victims into clicking on a malicious app, which then captures the card data. Once the malware is installed, it steals and relays card data to attacker devices for exploitative use. The campaign is linked to Chinese-speaking MaaS platform “SuperCard X,” and the malware shares code with NGate.
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
The Erlang/Open Telecom Platform (OTP) SSH implementation contains a critical security vulnerability, potentially exposing systems to security risks.
