The new Android malware-as-a-service (MaaS) platform, SuperCard X, enables near-field communication (NFC) relay attacks, allowing cybercriminals to conduct fraudulent cashouts, especially in Italy. The multistage attack involves social engineering through deceptive messages, malicious app installations, and NFC data interception. Cybercriminals can drain funds by persuading victims to remove card limits and glean PINs. It uses a new method to intercept and relay NFC communications to authorise fraudulent transactions. Google is developing a feature to block app installations from unknown sources to counter this threat.
New Android malware exploits NFC to steal funds instantly
Security experts warn of a new Malware as a Service platform, “Supercard X”, targeting Android devices by exploiting Near Field Communication (NFC) for fraudulent purposes.
