b2b-daily
Home | IT | Cyber Security

Hackers Exploit NFC in New Android Payment Fraud Scheme

Avatar photo
by Bairon McAdams
April 23, 2025
Image Credit: Freepik / Freepik
Hackers Exploit NFC in New Android Payment Fraud Scheme
Article Highlights
Off On

Hackers are exploiting near-field communication (NFC) technology to commit instant payment fraud through the Chinese-speaking Android malware-as-a-service platform, SuperCard X. This malware enables real-time theft by using NFC to capture payment card data and make fraudulent transactions at point of sale (PoS) terminals and ATMs.

Unlike older methods such as overlay attacks or SMS interception, SuperCard X uses contactless functionalities in modern payment cards. Infected Android devices become NFC relay stations, simplifying the fraud process. Users of SuperCard X access “Reader” and “Tapper” applications via Telegram channels, making NFC relay fraud easily accessible without complex tool development.

The attack starts with spoofed messages from banks urging victims to call a number. Scammers then pose as bank agents, instructing victims to install the SuperCard X Reader app disguised as security software. This app requires minimal NFC permissions and standard system permissions, avoiding detection by security software.

When victims tap their card against the infected device, the Reader app captures NFC-transmitted card data. This data, including Answer To Reset (ATR) messages, is sent in real-time to the attackers. The Tapper app on another device uses the relayed ATRs to emulate the victim’s card, allowing for transactions at contactless PoS terminals and ATMs. Fraudulent withdrawals increase after convincing victims to lift spending limits. SuperCard X is distinct from other Android banking Trojans, focusing on NFC relay with minimal permissions, evading most antivirus engines. An analysis by Cleafy found extensive code reuse from open-source projects, indicating quick development and easy onboarding for affiliates.

In an Italian campaign, Cleafy noted customizations like tailored APK repackaging and pre-generated login credentials, streamlining the attack. SuperCard X highlights advanced social engineering and strategic minimalism in permissions, challenging current cybersecurity defenses with its covert and effective methods.

Android

Explore more

Closing the Feedback Gap Helps Retain Top Talent
February 27, 2026

The silent departure of a high-performing employee often begins months before any formal resignation is submitted, usually triggered by a persistent lack of meaningful dialogue with their immediate supervisor. This communication breakdown represents a critical vulnerability for modern organizations. When talented individuals perceive that their professional growth and daily contributions are being ignored, the psychological contract between the employer and

Employment Design Becomes a Key Competitive Differentiator
February 27, 2026

The modern professional landscape has transitioned into a state where organizational agility and the intentional design of the employment experience dictate which firms thrive and which ones merely survive. While many corporations spend significant energy on external market fluctuations, the real battle for stability occurs within the structural walls of the office environment. Disruption has shifted from a temporary inconvenience

How Is AI Shifting From Hype to High-Stakes B2B Execution?
February 27, 2026

The subtle hum of algorithmic processing has replaced the frantic manual labor that once defined the marketing department, signaling a definitive end to the era of digital experimentation. In the current landscape, the novelty of machine learning has matured into a standard operational requirement, moving beyond the speculative buzzwords that dominated previous years. The marketing industry is no longer occupied

Why B2B Marketers Must Focus on the 95 Percent of Non-Buyers
February 27, 2026

Most executive suites currently operate under the delusion that capturing a lead is synonymous with creating a customer, yet this narrow fixation systematically ignores the vast ocean of potential revenue waiting just beyond the immediate horizon. This obsession with immediate conversion creates a frantic environment where marketing departments burn through budgets to reach the tiny sliver of the market ready

How Will GitProtect on Microsoft Marketplace Secure DevOps?
February 27, 2026

The modern software development lifecycle has evolved into a delicate architecture where a single compromised repository can effectively paralyze an entire global enterprise overnight. Software engineering is no longer just about writing logic; it involves managing an intricate ecosystem of interconnected cloud services and third-party integrations. As development teams consolidate their operations within these environments, the primary source of truth—the