Chinese Cybercriminals Deploy SuperCard X, Z-NFC, and Ghost Tap NFC Malware Targeting Crypto Wallets and Contactless ATM Fraud

A new wave of Android malware targeting financial data and cryptocurrency wallets has been identified, with multiple threats emerging from cybercriminal groups, particularly those linked to China. The SuperCard X malware exploits near-field communication (NFC) technology to conduct real-time contactless ATM fraud by stealing banking information from smartphones. This sophisticated Android malware has gained attention within the smartphone user community and the financial sector. Additionally, Chinese cybercriminals have released the Z-NFC tool, which facilitates payment fraud through NFC technology. Another campaign involves malware that targets cryptocurrency wallets by disguising itself as fake PDF conversion software. The surge in NFC-related fraud, including the so-called Ghost Tap attacks, has been attributed to Chinese cybercriminal groups, highlighting a growing trend in contactless payment and crypto wallet exploitation.