Android users need to watch out for a scary new scam that could see their bank accounts raided and money stolen. The latest alert has been issued after security experts at Cleafy spotted a worrying trend that uses malware called SuperCard X to try to steal cash from unsuspecting users.
This new attack is more complicated than most, but those who are fooled could see their accounts drained without them ever knowing anything is wrong.
According to Cleafy, the threat begins via a simple text message which is sent out to Android phones. The note, which appears to have come from the user’s bank, explains that there has been some suspicious activity on their account. A number is included, and the recipient of the text is urged to call it for help without delay.
Once the number is dialled, scammers answer the phone and attempt to trick the user into handing over account details and PINs. If that wasn’t bad enough, the user is also told to download a new “security” app (called Reader) and then tap their bank card on their phone to verify that things are working.
Sadly, the application isn’t going to stop any banking threats and actually contains the harmful SuperCard X malware, which then transmits data from the debit card to the scammer’s phone.
Once completed, hackers then have everything they need to pay for goods using the victim’s card. During the call, they even try and get the user to turn off any spending limits, which means even more money can be taken.
“The Cleafy Threat Intelligence team has identified a new and sophisticated Android malware campaign, dubbed ‘SuperCard X’,” Cleafy explained.
“This campaign employs a novel NFC-relay technique, enabling Threat Actors to fraudulently authorise Point-of-Sale payments and Automated Teller Machine (ATM) withdrawals by intercepting and relaying NFC communications from compromised devices. The malware is distributed through Social Engineering tactics, deceiving victims into installing the malicious application and subsequently “tapping” their payment cards on their infected phones.”
It’s unclear how many people have been targeted so far but reports suggest the majority of attacks are currently located in Italy. Although the UK appears unaffected for now, it’s always good to know about these types of attacks and to stay alert.
Now is also a good time to check your Android phone and make sure Google’s Play Protect setting is turned on, as this should block any dangerous apps from being installed. Google is also keen to point out that no apps on its Play Store have yet been infected with the SuperCard X malware.
Explaining more about this service, Google said: “Based on our current detection, no apps containing this malware are found on Google Play. Android users are automatically protected by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”