Hackers have developed a sophisticated scheme called Ghost Tap, leveraging near-field communication (NFC) technology to steal funds through mobile payment platforms like Google Pay and Apple Pay. This method allows cybercriminals to globally relay tap-to-pay data from compromised accounts, enabling them to execute fraudulent transactions without needing physical access to victims’ cards or devices. The attack has raised significant concerns about the vulnerabilities in NFC-enabled payment systems and the growing challenges faced by financial institutions and retailers.
The Ghost Tap scheme begins with malware or phishing tactics designed to steal victims’ banking credentials and one-time passwords (OTPs). Once attackers obtain these details, they link the stolen cards to mobile payment applications. To bypass detection by payment issuers, they use NFCGate, a legitimate research tool capable of capturing and transmitting NFC traffic. NFCGate’s Host Card Emulation (HCE) feature allows attackers to simulate a physical NFC tag, enabling them to send payment data from a compromised device to a mule who carries out the fraudulent transaction at a retailer’s point-of-sale (PoS) terminal.
One of the key advantages of this attack is its scalability. Cybercriminals can conduct transactions from multiple locations simultaneously by employing mules in different areas. The scheme also allows the purchase of high-value items, such as gift cards, without the attackers being physically present. This tactic complicates detection further, as transactions appear to originate from the same device, fooling anti-fraud mechanisms. Additionally, putting the device in airplane mode obscures its location, making it difficult to link the compromised card to the fraudulent activity.
The use of Ghost Tap highlights the growing sophistication of cybercriminal techniques and the challenges they pose to payment security. By exploiting NFC technology, attackers can bypass traditional anti-fraud measures and scale their operations globally. Financial institutions and retailers are urged to enhance their detection mechanisms and implement stricter security protocols to mitigate the risks associated with this new attack vector. As NFC-based transactions become more prevalent, addressing these vulnerabilities will be crucial to maintaining consumer trust in mobile payment systems.
