Source URL: https://www.threatfabric.com/blogs/ghost-tap-new-cash-out-tactic-with-nfc-relay
Source: Hacker News
Title: Ghost Tap: New cash-out tactic with NFC Relay
Feedly Summary: Comments
AI Summary and Description: Yes
Summary: The text discusses a new cash-out tactic used by fraudsters, termed “Ghost Tap,” which involves relaying NFC traffic to covertly cash out stolen credit card information linked to mobile payment systems like Google Pay and Apple Pay. The growing concern over NFC-based attacks signals a need for enhanced fraud detection and response strategies for financial institutions.
Detailed Description:
The article outlines a significant evolution in fraudulent tactics used by cybercriminals, highlighting several key points:
– **Ghost Tap Tactic**: A new approach allowing the relay of NFC traffic between stolen card holders and accomplices (mules) at points of sale (POS), enabling fraudulent transactions while maintaining anonymity.
– **Mechanism**: The method exploits mobile payment services (like Apple Pay and Google Pay) linked to stolen credit cards, involving:
– Obtaining One-Time Passwords (OTPs) through mobile malware or phishing.
– Linking stolen cards to new devices, allowing for fraudulent cash-out at physical retail locations.
– **Tool Utilization**: Cybercriminals are using NFCGate, designed for academic research, as a means to facilitate these attacks, illustrating how legitimate tools can be repurposed for fraudulent activities.
– **Scalability of Fraud**:
– The ability for criminals to execute multiple small transactions across various locations without attracting attention.
– The challenges faced by law enforcement and financial institutions in tracking and detecting these activities due to the technology’s nature and the operational anonymity it provides.
– **Financial Institutions’ Challenges**:
– The complexity of detecting these sophisticated cash-out tactics, especially considering the potential for low-value transactions that aggregate to a more significant total.
– Notable difficulties in pinpointing the actual device used for transactions, particularly if the device is manipulated (e.g., placed in airplane mode).
– **Recommendations for Detection**: To combat the Ghost Tap fraud tactic, financial organizations need to enhance their fraud detection frameworks by monitoring for:
– New device linkage to existing customer accounts, especially in cases of detected malware.
– Unusually clustered transactions in geographically implausible timeframes that suggest fraudulent cash-outs.
– **Conclusion**: The rise of NFC-based cybercriminal activities calls for immediate action among industry stakeholders, emphasizing the need for improved detection methodologies, robust security protocols, and collaboration across financial ecosystems to safeguard customer assets against evolving threats.
The discussion underscores an urgent requirement for advanced threat detection mechanisms and collaborative efforts to mitigate risks associated with NFC-based fraudulent activities, particularly as technology continues to evolve and cybercriminal tactics become more sophisticated.