New payment-card scam involves a phone call, some malware and a personal tap | The Record from Recorded Future News

“As the final stage of the manipulation, the [threat actors] instruct the victim to bring their physical debit or credit card into proximity to their infected mobile device,” Cleafy says. The fraudsters target Android devices with “a series of well-orchestrated steps” that allow them to steal money from individual victims, according to Cleafy, the cybersecurity firm that tracked the scheme in its home country of Italy. Financial institutions should be on alert for a scam that combines social engineering, previously undocumented malware and mobile phones’ near-field communication (NFC) capabilities to compromise payment cards, researchers said Friday. SuperCard X appears to be malware-as-a-service (MaaS) offered by “Chinese-speaking” hackers, Cleafy says, meaning that the people who created the code aren’t necessarily those who are using it in Italy. “[T]he operational context of this attack is mainly agnostic of the financial institution involved since the ultimate target of the fraudsters is the customers’ debit or credit cards, regardless of the issuing bank,” the researchers say. Cleafy also notes that in similar payment-card scam operations, specific banks often are the targets, but in the SuperCard X campaign, any card is potentially up for grabs. The malware, which Cleafy is calling SuperCard X, overlaps with malicious code first reported by researchers at Slovakia-based ESET in 2024. The abuse of NFC technology — when a device recognizes a nearby item like a payment card — is new, Cleafy says. The NFC process “allows the attacker to access the stolen funds instantly and potentially outside traditional fraud channels that typically involve bank transfers,” the report says. The Italian job works like this: The hackers reel in a potential victim with a scary text message that impersonates a bank fraud alert. “The nature of MaaS enables multiple affiliates to operate locally within their own regions or areas of specific interest,” the report says.

This Cyber News was published on therecord.media. Publication date: Fri, 18 Apr 2025 15:00:16 +0000


Cyber News related to New payment-card scam involves a phone call, some malware and a personal tap | The Record from Recorded Future News

To tap or not to tap: Are NFC payments safer? - These cards required insertion into payment terminals and authentication with a PIN, marking a shift toward more secure transaction methods. These cards were still susceptible to cloning or information theft, though perpetrating such crimes was more ...
1 year ago Welivesecurity.com
Preventing Credit Card Fraud with PoS Malware: How Prilex Blocks Contactless Payments - New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. On a payment terminal, contactless transactions use NFC ...
2 years ago Bleepingcomputer.com
New payment-card scam involves a phone call, some malware and a personal tap | The Record from Recorded Future News - “As the final stage of the manipulation, the [threat actors] instruct the victim to bring their physical debit or credit card into proximity to their infected mobile device,” Cleafy says. The fraudsters target Android devices with “a series of ...
1 month ago Therecord.media
Arrests in Tap-to-Pay Scheme Powered by Phishing – Krebs on Security - Asked for specifics about the mobile devices seized from the suspects, Lyon said “tap-to-pay fraud involves a group utilizing Android phones to conduct Apple Pay transactions utilizing stolen or compromised credit/debit card information,” ...
2 months ago Krebsonsecurity.com
New Android SuperCard X Malware Employs NFC-Relay Technique for Fraudulent POS & ATM Withdrawals - Victims are then instructed to tap their payment cards against their infected phones, unwittingly transmitting their card data through the malware to the attackers’ “Tapper” device, which can instantly execute fraudulent ...
1 month ago Cybersecuritynews.com
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
1 year ago Blog.checkpoint.com
Hackers Hiding NFC Carders Behind Apple Pay and Google Wallet - The scheme involves linking stolen payment card information to fraudulent mobile wallet accounts, allowing criminals to make contactless payments using the victims’ funds without requiring physical card access. If security personnel apprehend ...
1 month ago Cybersecuritynews.com
PixPirate: The Brazilian financial malware you can't see, part one - The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan malware that heavily utilizes anti-research techniques. Within IBM Trusteer, we saw several different ...
1 year ago Securityintelligence.com
New Android malware steals your credit cards for NFC relay attacks - A new malware-as-a-service (MaaS) platform named 'SuperCard X' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. The scammer instructs the victim to tap ...
1 month ago Bleepingcomputer.com
New Phishing Scam Hooks META Businesses with Trademark Threats - The phishing scam falsely asserts that the victim's Facebook page will be permanently deleted due to a post allegedly infringing on trademark rights. There is no actual infringement; it's all part of the scammer's malicious plan. In a recent wave of ...
1 year ago Hackread.com
Fraudulent "CryptoRom" Apps Slip Through Apple and Google App Store Review Process - Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam. What is new is that apps perpetrating the scam can be downloaded from the official Apple and Android app stores - giving them greater apparent validity to ...
2 years ago Securityweek.com
- In the contemporary landscape dominated by digital interconnectedness, the escalating menace of cybercrime has assumed unprecedented proportions. The latest threat on the horizon is the insidious 'SIM Swap' scam, an advanced scheme exploiting ...
1 year ago Cysecurity.news
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
1 year ago Infosecurity-magazine.com
Privacy Policy 2024 - Personal information is any information that identifies you or would enable someone to contact you, which may include your name, email address, phone number and other non-public information that is associated with such information. Information We ...
1 year ago Bitsight.com
Massive utility scam campaign spreads via online ads - When customers want to discuss their bills or look for ways to save money, scammers are just a phone call away. Enter the utility scam, where crooks pretend to be your utility company so they can threaten and extort as much money from you as they ...
1 year ago Malwarebytes.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
1 year ago Pandasecurity.com
Is that survey real or fake? How to spot a survey scam - Online surveys and quizzes are all over the internet. They're quick and cheap to set up, easy for recipients to fill out, and simple for researchers to interpret. It's no wonder that they remain a popular tool for marketers to reach and research ...
2 years ago Welivesecurity.com
9 online scams to watch out for this holiday season - By being aware of these common online scams and taking precautions, you can protect yourself and your family from becoming victims this holiday season. The holiday season is upon us, and that means it's time to start shopping for gifts. It's not just ...
1 year ago Blog.avast.com
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
Texas city warns thousands of utility payment site breach | The Record from Recorded Future News - At least 12,000 people had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the city of Lubbock, Texas. In the past, hackers used skimmers which were physical devices ...
1 month ago Therecord.media Inc ransom
Prilex PoS Malware Blocks NFC Transactions to Steal Credit Card Data - The point-of-sale malware named Prilex has been modified to block contactless transactions in an effort to force users to insert their credit cards into terminals and steal their information. Initially detailed in 2017, Prilex has evolved from ...
2 years ago Securityweek.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
11 months ago Pandasecurity.com
Top 10 Best Dynamic Malware Analysis Tools in 2025 - FireEye Malware AnalysisEnterprise-grade solution, zero-day detection, integration with threat intelligence, memory forensics.Enterprise-grade malware detection and forensicsPricing details not publicly available; contact for quote.Yes6. Detux ...
3 months ago Cybersecuritynews.com
How to Extract Malware Configurations in a Sandbox - The most sought-after source of these indicators is malware configurations. Malware Sandboxing Leader ANY.RUN handles the heavy lifting of phishing and malware analysis for SOC and DFIR teams and also helps 300,000 professionals use the platform to ...
1 year ago Gbhackers.com
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity - COMMENTARY. Global data privacy laws were created to address growing consumer concerns about individual privacy. These laws include several best practices for businesses about storing and using consumers' personal data so that the exposure of ...
1 year ago Darkreading.com