More threat actors have been leveraging the newly emergent Ghost Tap attack technique that exploits NFC to facilitate cash-outs from targets through point-of-sale terminals, reports BleepingComputer.
Attacks involving Ghost Tap commence with the compromise of payment card data and one-time passwords for virtual wallets, which are then delivered by a relay server to money mules who could withdraw the funds without being easily detected, representing a marked improvement from the previously discovered NGate attacks that required ATM withdrawals for threat actors, an analysis from Threat Fabric showed. "The new tactic for cash-outs poses a challenge for financial organizations: the ability of cybercriminals to scale the fraudulent offline purchases, making multiple small payments in different places, might not trigger the anti-fraud mechanisms and might allow cybercriminals to successfully buy goods that can be further re-sold (like gift cards)," said ThreatFabric, which urged banks to be vigilant of same card transactions from different locations that could not have been done within the timeframe of the charges.
