#malwareasaservice

2025-04-21

🚨 A new Android malware campaign is using NFC relay attacks to clone credit cards — and it’s nearly invisible to antivirus tools.

Security researchers have discovered 'SuperCard X', a malware-as-a-service (MaaS) platform that allows cybercriminals to steal card data and make contactless payments using compromised Android devices.

Key highlights from the report:
- Distributed via social engineering scams through fake SMS or WhatsApp messages
- Victims are tricked into installing a malicious app disguised as a bank “verification” tool
- Once installed, it uses NFC to read card chip data and sends it to a second attacker device
- Attackers use a companion app to emulate the victim’s card and make payments or ATM withdrawals

🔍 What makes it dangerous:
- SuperCard X requests minimal permissions, making it hard to detect
- It uses ATR-based card emulation and mutual TLS (mTLS) for secure communication
- Malware is not flagged by any antivirus engines on VirusTotal
- Transactions are small, instant, and look legitimate to banks — making them harder to detect or reverse

🛡️ Google responded saying Play Protect is active and currently no such apps are listed on Google Play. But since these apps spread outside the store, Android users remain at risk — especially if they sideload apps or fall for impersonation scams.

This is a textbook example of how mobile payment infrastructure is being exploited — and why NFC security deserves more attention in mobile-first threat models.

At @Efani we’re committed to helping protect high-risk users from silent, evasive mobile threats just like this.

#Cybersecurity #AndroidMalware #NFC #MobileSecurity #EfaniSecure #SuperCardX #FintechFraud #MalwareAsAService

2025-04-19

Imagine a malware that stealthily uses your phone’s NFC to swipe payment data—without raising any alarms. SuperCard X is that new game-changer for cybercriminals. Could your device be at risk?

thedefendopsdiaries.com/superc

#supercardx
#mobilemalware
#nfcrelay
#cybersecurity
#malwareasaservice

2024-07-19

#CroudStrike is apparently now offering #BSOD as a service in a new bold #Enshittification #MalwareAsAService gambit.

secsolutionsecsolution
2024-07-04

Cybercrime: the Malware as a Service phenomenon. The secsolutionforum session is available to stream: Speaking at secsolutionforum on behalf of Assintel Associazione Nazionale Imprese ICT, Riccardo Michetti explored the world of "Malware as a Service" (MaaS), with an in-depth analysis of the tactics, techniques and procedures associated with this phenomenon. But, in...
dlvr.it/T97C9t

🦋 Ben West - 🐒🌻monkeyflower@infosec.exchange
2023-12-17

Is malware as a service peak late stage capitalism or is it just me who thinks that?

"Rhadamanthys is a C++ information stealer that first emerged in August 2022, targeting email, FTP, and online banking service account credentials...

The stealer is sold to cybercriminals via a subscription model, so it is distributed to targets using a variety of channels, including malvertizing, laced torrent downloads, emails, YouTube videos, and more."

bleepingcomputer.com/news/secu

Generally a big fan of interoperability but not for this...

"Check Point analyzed Rhadamanthys version 0.5.0 and reports that it introduced a new plugin system that allows higher levels of customization for specific distribution needs.

Plugins could add a diverse range of capabilities to the malware while allowing cybercriminals to minimize their footprint by only loading those they need in each case.

The new plugin system indicates a shift towards a more modular and customizable framework as it allows threat actors to deploy plugins tailored to their targets, counteracting security measures identified during recon stages or exploiting specific vulnerabilities."

#malware #infosec #opsec #MalwareAsAService #cybersec #wtf #LateStageCapitalism #Capitalism #enshitifcation

🛡 H3lium@infosec.exchange/:~# :blinking_cursor:​H3liumb0y@infosec.exchange
2023-10-02

"🐰 BunnyLoader Unleashed: The Newest Kid on the Malware Block 🐰"

In a recent discovery, Zscaler ThreatLabz stumbled upon a new Malware-as-a-Service (MaaS) threat named "BunnyLoader" being peddled on various forums. This nefarious service offers a plethora of malicious functionalities including downloading and executing a second-stage payload, pilfering browser credentials and system information, keylogging, and even cryptocurrency theft through clipboard manipulation. 🕵️‍♀️💻

The malware, written in C/C++, is sold for a lifetime price of $250 and is under rapid development with multiple feature updates and bug fixes. It employs various anti-sandbox techniques during its attack sequence to evade detection and has a fileless loader feature which executes further malware stages in memory. BunnyLoader's C2 panel allows the threat actor to control infected machines remotely, showcasing a list of various tasks including keylogging, credential theft, and remote command execution among others. 🛑🔐

The detailed technical analysis reveals how BunnyLoader maintains persistence, performs anti-VM techniques, registers with the C2 server, and executes its core malicious tasks. The malware also harbors a clipper module to replace cryptocurrency addresses in a victim's clipboard with addresses controlled by the threat actor, targeting multiple cryptocurrencies like Bitcoin, Ethereum, and Monero. 🪙💸

The article is a comprehensive dive into the technical intricacies of BunnyLoader, shedding light on its modus operandi and the potential threat it poses to individuals and organizations alike. 🧐🔍

Source: Zscaler ThreatLabz

Tags: #BunnyLoader #MalwareAsAService #CyberSecurity #ThreatAnalysis #Malware #CryptocurrencyTheft #Zscaler #ThreatLabz #InfoSec

Authors: NIRAJ SHIVTARKAR, SATYAM SINGH

Geekmaster 👽:system76:Geekmaster@ioc.exchange
2023-02-09

#RaccoonStealer admin will be extradited to the US, charged for computer crimes https://www.malwarebytes.com/blog/news/2022/11/racoon-stealer-admin-will-be-extradited-to-the-us-charged-for-computer-crimes

#hacking #MalwareAsAService

@infosec_jcp 🐈🃏 done differentlyinfosec_jcp@infosec.exchange
2023-02-06

@longobord @cmdrmoto

Shh!🤫 Don't talk about #Meta's core business. #malware

⚠️☣️ Check the address. 👀⚠️☣️

☣️#MalwareAsAService ☣️ is ☣️ #Meta ☣️

~50yo's know that ! 😆

⚠️☣️ #MarkTheVirus ☣️⚠️

#FacebookWhistleblowers 🗣️📯
#MetaWhistleblowers 🗣️📯

2020-05-21

Silent Night Banking Trojan Charges Top Dollar on the Underground - The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns. more: threatpost.com/silent-night-ba #undergroundadvertisement #malwareasaservice #malwareanalysis #bankingtrojan #malwarebytes #websecurity #obfuscation #silentnight #sourcecode #malware #sphinx #terdot #zeus

2020-01-21

16Shop Phishing Gang Goes After PayPal Users - A sophisticated malware-as-a-service phishing kit includes full customer service and anti-detectio... more: threatpost.com/16shop-phishing #indonesiancyberarmy #malwareasaservice #malwareanalysis #anti-detection #websecurity #phishingkit #malware #zerofox #16shop #paypal

Mark Shane Haydenmsh@coales.co
2020-01-03

@tao all the script kiddies these days just outsource their work to the cloud SMH

#MalwareAsAService #MaaS

2019-10-24

Raccoon Malware Scavenges 100,000+ Devices to Steal Data - A new information stealer is gaining rapid popularity with the cybercriminal community - leading t... more: threatpost.com/raccoon-malware #informationstealer #malwareasaservice #undergroundforum #credentialtheft #cybercriminal #malware #browser #raccoon #data
