In May 2025, the first attacks using the SuperCard malware were recorded in Russia — a modified version of the NFCGate program designed to intercept bank card data. According to experts at F6, attackers are actively testing this tool against Russian bank customers after successful attacks in Europe, particularly in Italy.
SuperCard works on the same principle as NFCGate — it intercepts NFC traffic, allowing hackers to access payment data. However, as noted in F6, the new version has significant differences in functionality and code structure, which complicates its detection. Less than a month passed from the first mention of SuperCard abroad to the attacks in Russia.
As of the first quarter of 2025, the damage from such attacks in Russia amounted to 432 million rubles, and the number of compromised Android devices exceeded 175 thousand. NFC technology, used for contactless payments, becomes vulnerable if malware gets on the smartphone.
Read more on the topic:
Russian drone control system with open architecture is being developed at MAI
The first Bluetooth payment in Russia has been launched on iOS
