SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation

A new Android malware campaign called 'SuperCard X' has been identified, employing NFC-relay techniques to enable fraudulent POS payments and ATM withdrawals. Distributed through a Chinese-speaking Malware-as-a-Service platform, it shares similarities with NGate malware. The campaign uses social engineering tactics to trick victims into installing the malicious app and tapping their payment cards on infected phones. This sophisticated fraud scheme combines SMS phishing, phone calls, malware installation, and NFC data interception. SuperCard X poses a significant financial risk to banking institutions, payment providers, and credit card issuers due to its ability to perform instant fraudulent cash-outs with debit and credit cards.

Pulse ID: 680278d75b1a8862b3d4d67d
Pulse Link: https://otx.alienvault.com/pulse/680278d75b1a8862b3d4d67d
Pulse Author: AlienVault
Created: 2025-04-18 16:07:51

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#lunatics #asylum #updates #bankholiday Why would a #bank update it's #software overnight before a #bank_holiday . Asking for a friend who is not best pleased. (British understatement)

Bank of Canada holds key interest rate steady amid tariff uncertainty, even as economists see further cuts ahead https://www.byteseu.com/927780/ #bank #BankOfCanada #Canada #ConsecutiveCuts #EconomicGrowthAndInflation #InflationData #InterestRate #ontario #ottawa #TiffMacklem #TradeWar #Uncertainty

The melding of #bank #capital & #finance capital creates a #financial #oligarchy that controls all the resources & takes advantage of #GlobalSouth countries.

That in a nutshell is the #Leninist definition of #imperialism, in its most basic & simple explanation.

Bank of Canada holds rates at 2.75%
This is the first pause after 7 consecutive monthly cuts
#bank #economy #interestrate #Canada #News #Business
https://www.cbc.ca/news/business/boc-interest-rate-april-1.7511457?cmp=rss

Pigeon attendant l'ouverture de la banque rue Victor-Hugo à #lyon

New entry of AI-generated #comics and #jokes added to our #website:

#Bank #Earnings #Expectations

comics.lucentinian.com/6705
#Comedy #AILaughs #AIJokes #AIComedy #FunnyNews

2025 – 101: Ideenklau

Die zweite mögliche Variante: Schuhe II.

[…] Neben der Bank im Park steht ein Paar Schuhe, mit den Spitzen zum Gehweg, ordentlich parallel ausgerichtet. Und diese Pumps […]

#Bank #Farbe #geklaut #Idee #Krimi #Schuhe #Überraschung #Ungewißheit #Zitat

https://deremil.blogda.ch/2025/04/11/101-ideenklau/

#unplugtrump ist eine tolle Ideengrube, was man alles machen kann, um sich etwas digitaler unabhängig zu machen . Ich habe auch im Rahmen meiner Möglichkeiten (privat, beruflich & technisch) einiges umgestellt. Nun habe ich heute einen #Podcast über das bankenlose & internetlose Bezahlen in #Afrika gehört und frage mich, ob man sowas ähnliches (da es auch Nachteile gibt) nicht auch in der #EU umsetzen könnte.
https://www.ardaudiothek.de/episode/what-the-wirtschaft-deutschlandfunk-nova/breaking-bank-wie-neue-bezahlsysteme-die-banken-herausfordern/deutschlandfunk-nova/14406295/
#Bank #Bezahlen #Geldüberweisung #Europa #Alternative #sms

The Federal Deposit Insurance Corporation #FDIC is an independent agency created by the #Congress to maintain #stability and public confidence in the nation's #financial system. We have no more independent agencies. #DOGE invaded the #FDIC today and will be applying their atrocious #AI to plunder one of the last remaining secure #bank data and #statistics repositories. “The FDIC is a prudential #regulator, meaning for some banks it is the primary regulator enforcing all the capital requirements"

The attacks are relentless - this is the latest assault on democracy, humanity, American values, our economy and our decency - #WhiteHouse Moves to Cancel #Migrants #SocialSecurity Numbers. It would effectively cancel the Social Security numbers that migrants lawfully obtained, cutting off their access to #creditcards, #bank accounts and more. “Immigration enforcement is not within the scope of the Social Security...potential for errors can be very consequential.” #immigration #civilliberties

Blind Eagle: ...And Justice for All

Check Point Research uncovered ongoing campaigns by Blind Eagle (APT-C-36) targeting Colombian institutions since November 2024. The group utilized malicious .url files, similar to CVE-2024-43451, to deliver HeartCrypt-packed malware and Remcos RAT. Campaigns infected over 1,600 victims in a single instance. Blind Eagle exploited legitimate platforms like Google Drive and GitHub for distribution. The group's rapid adaptation to new vulnerabilities and use of underground tools highlight its sophistication. Operating in UTC-5 timezone suggests South American origin. An operational failure revealed past phishing activities targeting Colombian banks, compromising over 8,000 entries of personal data.

Pulse ID: 67f81305d2659d5a0d917773
Pulse Link: https://otx.alienvault.com/pulse/67f81305d2659d5a0d917773
Pulse Author: AlienVault
Created: 2025-04-10 18:50:45

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

Smishing Triad: Chinese eCrime Group Targets 121+ Countries, Introduces New Banking Phishing Kit

The Chinese eCrime group Smishing Triad has launched a global SMS phishing campaign targeting over 121 countries across various industries. Their infrastructure generates over one million page visits in 20 days, averaging 50,000 daily. The group has introduced a new 'Lighthouse' phishing kit focusing on banking and financial organizations, particularly in Australia and the Asia-Pacific region. Smishing Triad claims to have '300+ front desk staff worldwide' supporting their operations. They frequently rotate domains, with approximately 25,000 active during any 8-day period. The majority of phishing sites are hosted by Chinese companies Tencent and Alibaba. The campaign primarily targets postal, logistics, telecommunications, transportation, finance, retail, and public sectors.

Pulse ID: 67f80a4937d04f9036252cf7
Pulse Link: https://otx.alienvault.com/pulse/67f80a4937d04f9036252cf7
Pulse Author: AlienVault
Created: 2025-04-10 18:13:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

A ransomware attack on a printing vendor has affected DBS and Bank of China – two major banks in Asia. Thousands of customers are exposed.

#ransomware #databreach #China #bank

https://cnews.link/dbs-bank-china-printing-vendor-attack-1/

#Hackers #Spied on 100 US #Bank Regulators' Emails for Over a Year - Slashdot https://news.slashdot.org/story/25/04/09/0034251/hackers-spied-on-100-us-bank-regulators-emails-for-over-a-year?utm_source=rss1.0mainlinkanon&utm_medium=feed

Post-Partner Bank99: Bankkonten über Ostern gesperrt

'... Ihren rund 300.000 betroffenen Kunden rät die Bank99 dazu, sich für diesen Zeitraum mit ausreichend Bargeld einzudecken oder Kreditkarten zu nutzen. Konkret werden die Konten am Karfreitag, dem 18. April, um 14.00 Uhr gesperrt – und bis zum Ostermontag, dem 21. April, außer Betrieb bleiben...'

#Bank #Österreich #ServiceTroet #Konto #Geld

https://wien.orf.at/stories/3300598/

A miner and the ClipBanker Trojan being distributed via SourceForge

A unique malware distribution scheme exploiting SourceForge has been discovered. The attackers create a seemingly legitimate project on sourceforge.net, which automatically generates a sourceforge.io subdomain. This subdomain is then used to host a malicious page that tricks users into downloading a compressed archive containing malware. The infection chain involves multiple stages, including the use of password-protected archives, Visual Basic scripts, and PowerShell commands. The main payloads are a cryptocurrency miner and ClipBanker, a Trojan that replaces cryptocurrency wallet addresses in the clipboard. The campaign primarily targets Russian-speaking users, with 90% of potential victims located in Russia.

Pulse ID: 67f573a53d47bc07a2ad0e14
Pulse Link: https://otx.alienvault.com/pulse/67f573a53d47bc07a2ad0e14
Pulse Author: AlienVault
Created: 2025-04-08 19:06:13

Be advised, this data is unverified and should be considered preliminary. Always do further verification.