

Ethical Hacking News

The Ghost Tap Malware: A New Vector for Cybercriminals to Cash Out Stolen Funds via Mobile Payments



Cybercriminals are exploiting NFC technology to cash out stolen funds via mobile payments using a new malware campaign dubbed "Ghost Tap." This attack vector leverages legitimate research tools to relay NFC traffic, allowing cybercriminals to bypass anti-fraud mechanisms and make large-scale fraudulent transactions. Experts warn that this campaign poses significant challenges for financial institutions and retailers alike, highlighting the need for robust security measures to prevent such attacks.

  • Cybersecurity experts have warned of a new malware campaign called "Ghost Tap" that exploits NFC technology for large-scale cash-out schemes.
  • The malware captures and relays NFC traffic, allowing cybercriminals to exploit vulnerabilities in mobile payment services like Google Pay or Apple Pay.
  • Attackers trick victims into downloading mobile banking malware, obtaining their banking credentials and one-time passwords.
  • Cybercriminals use the NFCGate tool to relay tap-to-pay information to a "mule" who makes fraudulent purchases at a store.
  • The Ghost Tap technique offers advantages over previous attack vectors, including the ability to rapidly scale fraudulent schemes across multiple mules.
  • Financial institutions and retailers must implement robust security measures to prevent such attacks due to the increasing speed of communication and lack of proper time-based detection.



    Cybersecurity experts have sounded the alarm over a new malware campaign, dubbed "Ghost Tap," that is exploiting Near Field Communication (NFC) technology to facilitate large-scale cash-out schemes involving stolen credit card funds. This novel attack vector leverages NFCGate, a tool that threat actors have previously used to transmit NFC information from victim devices to attackers.

    The Ghost Tap malware is designed to capture and relay NFC traffic, allowing cybercriminals to exploit the vulnerabilities of mobile payment services such as Google Pay or Apple Pay. By tricking victims into downloading mobile banking malware, attackers can obtain their banking credentials and one-time passwords, which are then used to link the card details to the malicious NFC gate.

    Once in possession of the card information, threat actors use NFCGate to relay the tap-to-pay information to a "mule," who is responsible for making fraudulent purchases at a store. The mule can be located anywhere in the world, making it extremely challenging for financial institutions and retailers to detect these transactions.

    The use of legitimate research tools such as NFCGate poses significant challenges for security professionals. This tool lets devices capture, analyze, or modify NFC traffic, and it can also pass NFC information between two devices through a server. By abusing this relay function, cybercriminals can establish a relay between the device with the linked card and a point-of-sale (PoS) terminal at a retailer, effectively bypassing anti-fraud mechanisms.

    The Ghost Tap malware offers several advantages over previous attack vectors. For instance, it enables cybercriminals to purchase gift cards at offline retailers without having to be physically present. Furthermore, this campaign allows threat actors to scale their fraudulent schemes by enlisting the help of multiple mules at different locations within a short span of time.

    The evolution of networks with increasing speed of communication and the lack of proper time-based detection on ATM/POS terminals have made these attacks possible. The actual devices with cards can be physically located far away from the place where the transaction is performed, making it extremely difficult to detect their location and prevent transactions.
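
On the issuer side, the pattern described above (one card tapped by mules at distant locations within a short span of time) can be checked as an impossible-travel rule over card-present taps. The following is an added example, not code from the article or from any vendor; the record layout, thresholds and sample taps are assumptions constructed for illustration.

```python
import math
from collections import defaultdict
from datetime import datetime

# Assumed tuning values, not taken from the article.
MAX_KMH = 900.0  # implied speed above this between two taps is impossible travel
MIN_KM = 50.0    # ignore terminal pairs close enough to reach normally

# Constructed sample taps: (token_id, UTC timestamp, terminal_id, lat, lon)
SAMPLE_TAPS = [
    ("tok-A", "2024-11-20T09:00:00", "POS-BER-1", 52.5200, 13.4050),
    ("tok-A", "2024-11-20T09:07:00", "POS-MAD-4", 40.4168, -3.7038),
    ("tok-A", "2024-11-20T09:12:00", "POS-LIS-2", 38.7223, -9.1393),
    ("tok-B", "2024-11-20T09:00:00", "POS-BER-1", 52.5200, 13.4050),
    ("tok-B", "2024-11-20T09:20:00", "POS-BER-7", 52.5310, 13.3850),
    ("tok-C", "2024-11-20T08:00:00", "POS-PAR-3", 48.8566, 2.3522),
    ("tok-C", "2024-11-20T18:00:00", "POS-NYC-9", 40.7128, -74.0060),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two coordinates."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def find_relay_suspects(taps, max_kmh=MAX_KMH, min_km=MIN_KM):
    """Return (token, terminal_a, terminal_b, km, kmh) for consecutive taps
    of one payment token that no single physical device could have made."""
    by_token = defaultdict(list)
    for token, ts, terminal, lat, lon in taps:
        by_token[token].append((datetime.fromisoformat(ts), terminal, lat, lon))
    alerts = []
    for token, rows in sorted(by_token.items()):
        rows.sort()  # chronological order per token
        for (t1, term1, la1, lo1), (t2, term2, la2, lo2) in zip(rows, rows[1:]):
            km = haversine_km(la1, lo1, la2, lo2)
            if km < min_km:
                continue
            hours = (t2 - t1).total_seconds() / 3600
            # Simultaneous taps at distant terminals have no finite speed.
            kmh = km / hours if hours > 0 else math.inf
            if kmh > max_kmh:
                alerts.append((token, term1, term2, round(km), kmh))
    return alerts
```

On the constructed sample only `tok-A` is flagged: its taps hop between three cities within minutes, while `tok-B` stays within one city and `tok-C` leaves enough time for a flight.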

    This new malware campaign poses significant challenges for financial institutions and retailers alike. The ability of cybercriminals to scale rapidly and operate under a cloak of anonymity makes it crucial for organizations to implement robust security measures to prevent such attacks.

    Experts recommend that individuals take proactive steps to protect themselves from these threats, including being cautious when downloading mobile banking apps and monitoring their account activity closely. Additionally, financial institutions must review their security protocols to ensure that they are not vulnerable to these types of attacks.

    In conclusion, the Ghost Tap malware represents a significant threat to mobile payment services and financial institutions worldwide. It is essential for organizations to stay informed about the latest security threats and implement robust measures to prevent such attacks from occurring in the future.





  • Published: Wed Nov 20 08:06:10 2024 by llama3.2 3B Q4_K_M













         

