CyberSecurityBoard
Sponsor Register Login

Hackers Turning Stolen Payment Card Data into Apple & Google Wallets

Unlike earlier carding methods reliant on cloned magnetic stripes, this approach exploits contactless payment infrastructure via NFC relay tools like NFCGate—a repurposed academic tool originally designed for testing NFC security. Security analysts warn that the tactic poses significant challenges for financial institutions and underscores vulnerabilities in mobile payment ecosystems. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. Advanced groups also generate counterfeit card images, which are scanned into Apple Pay or Google Wallet to trigger OTP verification. Most financial institutions rely on SMS-based OTPs to verify mobile wallet linkages, which are easily intercepted by phishing or malware. ThreatFabric estimates that attackers using these tactics could generate $15 billion annually, based on median losses of $250 per card across 33,000 phishing domains. Behavioral Analytics: Monitoring for geographic inconsistencies (e.g., transactions in unreachable locations) and rapid serial purchases can flag Ghost Tap activity. A single compromised device can facilitate purchases at impossible travel speeds, e.g., transactions in New York and London within minutes. This relay bypasses geographic limitations, allowing simultaneous fraudulent purchases across multiple locations. She is covering various cyber security incidents happening in the Cyber Space. Picture from the Telegram channel, Chinese phishing gang depicts several toll road phish kits that are available. POS Terminal Upgrades: Implementing latency checks during NFC transactions could detect relay delays. The mule’s device interacts with the terminal, while the master device—often located in a different country—authenticates the transaction remotely. This method eliminates the need for physical card clones and scales operations by distributing cash-outs among multiple mules. Additionally, merchant adoption of 3-D Secure (3DS), a protocol for authenticating online transactions, remains inconsistent. Apple’s Device Account Number (DAN) and Google’s virtual cards must integrate multi-factor authentication. Proactive adoption of 3DS, coupled with AI-driven anomaly detection, could mitigate risks—but only if deployed before threat actors further refine their tactics.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 19 Feb 2025 13:45:06 +0000


Cyber News related to Hackers Turning Stolen Payment Card Data into Apple & Google Wallets

Does Your App Accept Digital Wallets? - Digital wallets are electronic systems that securely store payment information digitally. Digital wallets are designed for convenience and often include security features to protect your financial data. How Digital Wallets Function Digital wallets ...
1 year ago Feeds.dzone.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
4 months ago Aws.amazon.com
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
Is Your Online Store Hacked in a Carding Attack? - Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using carding attacks as we gear up for the holiday season shopping. Online companies selling products or services are struggling with the growing ...
1 year ago Cybersecuritynews.com
Google Fi User Data Breached Through T-Mobile Hack - According to Google Fi's email sent to its customers on Monday, a limited amount of their customer data was exposed in T-Mobile's breach after suspicious activity was noted in a system that contained Google Fi's customer data. Google Fi, Google's ...
2 years ago Hackread.com
To tap or not to tap: Are NFC payments safer? - These cards required insertion into payment terminals and authentication with a PIN, marking a shift toward more secure transaction methods. These cards were still susceptible to cloning or information theft, though perpetrating such crimes was more ...
1 year ago Welivesecurity.com
Preventing Credit Card Fraud with PoS Malware: How Prilex Blocks Contactless Payments - New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. On a payment terminal, contactless transactions use NFC ...
2 years ago Bleepingcomputer.com
Prilex PoS Malware Blocks NFC Transactions to Steal Credit Card Data - The point-of-sale malware named Prilex has been modified to block contactless transactions in an effort to force users to insert their credit cards into terminals and steal their information. Initially detailed in 2017, Prilex has evolved from ...
2 years ago Securityweek.com
Hackers Turning Stolen Payment Card Data into Apple & Google Wallets - Unlike earlier carding methods reliant on cloned magnetic stripes, this approach exploits contactless payment infrastructure via NFC relay tools like NFCGate—a repurposed academic tool originally designed for testing NFC security. Security analysts ...
1 day ago Cybersecuritynews.com
Apple iOS 17.3: How to Turn on iPhone's New Stolen Device Protection - Apple today launched a new tool for iPhones to help reduce what a thief with your phone and passcode can access. The feature, called Stolen Device Protection, adds extra layers of protection to your iPhone when someone tries to access or change ...
1 year ago Wired.com
Ahead of Regulatory Wave: Google's Pivotal Announcement for EU Users - Users in the European Union will be able to prevent Google services from sharing their data across different services if they do not wish to share their data. Google and five other large technology companies must comply with the EU's Digital Markets ...
1 year ago Cysecurity.news
Google Cloud Next 2024: New Data Center Chip Joins Ecosystem - Google Cloud announced a new enterprise subscription for Chrome and a bevy of generative AI add-ons for Google Workspace during the Cloud Next '24 conference, held in Las Vegas from April 9 - 11. Overall, Google Cloud is putting its Gemini generative ...
10 months ago Techrepublic.com
BidenCash darkweb market gives 1.9 million credit cards for free - The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote itself among cybercriminals. BidenCash launched in early 2022 as a new marketplace on both the dark web and the clearnet, selling ...
1 year ago Bleepingcomputer.com
Google Fi Data Breach Reportedly Led to SIM Swapping - The Google Fi telecommunications service has informed customers about a data breach that appears to be related to the recently disclosed T-Mobile cyberattack. Google Fi, which provides wireless phone and internet services, has told customers that the ...
2 years ago Securityweek.com
9 online scams to watch out for this holiday season - By being aware of these common online scams and taking precautions, you can protect yourself and your family from becoming victims this holiday season. The holiday season is upon us, and that means it's time to start shopping for gifts. It's not just ...
1 year ago Blog.avast.com
E-commerce Security: Protecting Customer Data - In today's digital landscape, ensuring the security of customer data in e-commerce is a crucial concern for businesses. Protecting e-commerce data security is a complex task that requires a comprehensive understanding of the challenges faced by ...
1 year ago Securityzap.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
7 months ago Bleepingcomputer.com
Data allegedly stolen in Ticketmaster hack - A group of hackers say they have stolen the personal details of 560 million Ticketmaster customers. ShinyHunters, the group claiming responsibility, says the stolen data includes names, addresses, phone numbers and partial credit card details from ...
8 months ago Packetstormsecurity.com
Europol warns 443 online shops infected with credit card stealers - Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases. Skimmers are small snippets of JavaScript code added to checkout pages or loaded ...
1 year ago Bleepingcomputer.com
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards - The Brazilian threat actors behind an advanced and modular point-of-sale malware known as Prilex have reared their head once again with new updates that allow it to block contactless payment transactions. Russian cybersecurity firm Kaspersky said it ...
2 years ago Thehackernews.com
4 Security Tips From PCI DSS 4.0 Anyone Can Use - To security professionals, compliance may not be the sexiest subject, but is an important one for a variety of reasons. Security teams are important stakeholders in governance, risk, and compliance efforts, and, thus, their efforts deserve an ...
11 months ago Darkreading.com
Google: Malware abusing API is standard token theft, not an API issue - Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired. In late November 2023, BleepingComputer reported on two information-stealing malware ...
1 year ago Bleepingcomputer.com
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 23, 2024 to September 29, 2024) - Software Name Software Slug 012 Ps Multi Languages 012-ps-multi-languages ABC APP CREATOR abcapp-creator Absolute Reviews absolute-reviews Accordion accordions Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads quick-adsense-reloaded Advanced File ...
4 months ago Wordfence.com
Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
1 year ago Bleepingcomputer.com
New Versions of Prilex POS Malware Can Block Contactless Transactions - New versions of Prilex point-of-sale malware have been spotted in the wild. Their new capabilities include blocking Near Field Communication credit card transactions. This way clients are obliged to use the machine to pay, allowing the malicious code ...
2 years ago Heimdalsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)