Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay and Google Pay.
This attack vector involves relaying stolen payment card credentials from compromised devices to mules’ burner phones, enabling unauthorized contactless transactions for retail fraud.
According to analysis from Insikt Group, threat actors such as @webu8 on Telegram are automating the provisioning of victim cards into digital wallets, bypassing security measures like one-time passwords (OTPs) through phishing and malware.
https://gbhackers.com/new-ghost-tapping ... pay-users/