shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

267
active users

#androidmalware

0 posts0 participants0 posts today
Efani<p>🚨 A new Android malware campaign is using NFC relay attacks to clone credit cards — and it’s nearly invisible to antivirus tools.</p><p>Security researchers have discovered 'SuperCard X', a malware-as-a-service (MaaS) platform that allows cybercriminals to steal card data and make contactless payments using compromised Android devices.</p><p>Key highlights from the report:<br>- Distributed via social engineering scams through fake SMS or WhatsApp messages <br>- Victims are tricked into installing a malicious app disguised as a bank “verification” tool <br>- Once installed, it uses NFC to read card chip data and sends it to a second attacker device <br>- Attackers use a companion app to emulate the victim’s card and make payments or ATM withdrawals</p><p>🔍 What makes it dangerous:<br>- SuperCard X requests minimal permissions, making it hard to detect <br>- It uses ATR-based card emulation and mutual TLS (mTLS) for secure communication <br>- Malware is not flagged by any antivirus engines on VirusTotal <br>- Transactions are small, instant, and look legitimate to banks — making them harder to detect or reverse</p><p>🛡️ Google responded saying Play Protect is active and currently no such apps are listed on Google Play. But since these apps spread outside the store, Android users remain at risk — especially if they sideload apps or fall for impersonation scams.</p><p>This is a textbook example of how mobile payment infrastructure is being exploited — and why NFC security deserves more attention in mobile-first threat models.</p><p>At <span class="h-card" translate="no"><a href="https://infosec.exchange/@Efani" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Efani</span></a></span> we’re committed to helping protect high-risk users from silent, evasive mobile threats just like this.</p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/AndroidMalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AndroidMalware</span></a> <a href="https://infosec.exchange/tags/NFC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NFC</span></a> <a href="https://infosec.exchange/tags/MobileSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileSecurity</span></a> <a href="https://infosec.exchange/tags/EfaniSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EfaniSecure</span></a> <a href="https://infosec.exchange/tags/SuperCardX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SuperCardX</span></a> <a href="https://infosec.exchange/tags/FintechFraud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FintechFraud</span></a> <a href="https://infosec.exchange/tags/MalwareAsAService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MalwareAsAService</span></a></p>
IT News<p>Android will now scan sideloaded apps for malware at install time - Enlarge / Google's new malware scanner for sideloaded apps. (credit: Go... - <a href="https://arstechnica.com/?p=1976895" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">arstechnica.com/?p=1976895</span><span class="invisible"></span></a> <a href="https://schleuss.online/tags/androidmalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>androidmalware</span></a> <a href="https://schleuss.online/tags/googleplay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>googleplay</span></a> <a href="https://schleuss.online/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>google</span></a> <a href="https://schleuss.online/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a></p>