NFC Fraud Wave: Evolution of Ghost Tap on the Dark Web

April 23, 2025, 11:02 p.m.

Description

Chinese cybercriminals are exploiting NFC technologies for fraudulent purposes, targeting financial institutions and consumers worldwide. They use sophisticated tools like Z-NFC and King NFC to facilitate illegal transactions at scale. The fraudsters leverage Host Card Emulation (HCE) to mimic physical NFC smart cards and create 'farms' of mobile devices to automate fraud. They target countries including the US, UK, EU, Australia, Canada, and others. The criminals also abuse NFC-enabled POS terminals and exploit loyalty points programs. This growing threat has led to significant financial losses and poses serious risks to payment security and digital identity systems globally.

External References

https://www.resecurity.com/blog/article/nfc-fraud-wave-evolution-of-ghost-tap-on-the-dark-web
https://otx.alienvault.com/pulse/6809436ac67098f19bfd41e5
Tags
ngate
2025-04-23
carding
mobile wallets
pos terminals
contactless payments
loyalty points fraud
track2nfc
nfc fraud
ghost tap
king nfc
host card emulation
z-nfc

Date

  • Created: April 23, 2025, 7:45 p.m.
  • Published: April 23, 2025, 7:45 p.m.
  • Modified: April 23, 2025, 11:02 p.m.

Indicators

  • 1663a67a95612552caf850604657ddc508161a1fb2a25144abffec8c5213a77b
  • https://znfcqwe.top
  • znfcqwe.top
Download all indicators here!

Attack Patterns

  • King NFC
  • Z-NFC
  • Track2NFC
  • NGate
  • Chinese cybercriminal groups

Additional Informations

  • Retail
  • Transportation
  • Finance
  • New Zealand
  • Australia
  • Taiwan
  • Saudi Arabia
  • China
  • United Arab Emirates
  • Canada
  • Japan
  • Malaysia
  • Philippines
  • United Kingdom of Great Britain and Northern Ireland
  • United States of America