NFC Fraud Wave: Evolution of Ghost Tap on the Dark Web
Essential information
- Published
- 23/04/2025 19:45
- Modified
- 23/04/2025 23:02
- Tags
- 2025-04-23 carding contactless payments ghost tap host card emulation king nfc loyalty points fraud mobile wallets nfc fraud ngate pos terminals track2nfc z-nfc
- Related entities
- 3 observables, 1 intrusion sets (apt), 6 techniques (mitre), 4 malware, 15 others
Description
Chinese cybercriminals are exploiting NFC technologies for fraudulent purposes, targeting financial institutions and consumers worldwide. They use sophisticated tools like Z-NFC and King NFC to facilitate illegal transactions at scale. The fraudsters leverage Host Card Emulation (HCE) to mimic physical NFC smart cards and create 'farms' of mobile devices to automate fraud. They target countries including the US, UK, EU, Australia, Canada, and others. The criminals also abuse NFC-enabled POS terminals and exploit loyalty points programs. This growing threat has led to significant financial losses and poses serious risks to payment security and digital identity systems globally.