New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay

Recorded Future analysts identified key threat actors operating on Telegram platforms, particularly @webu8, who advertises specialized burner phones and ghost-tapping services to Chinese-speaking criminal syndicates. Through extensive research and direct engagement with these threat actors, analysts uncovered a sophisticated criminal infrastructure that extends across Southeast Asia, with operations centered in Cambodia and China but targeting victims globally.

Cybercriminals like @webu8 operate as suppliers, providing not only burner phones loaded with stolen credentials but also offering phone recycling services to maximize operational efficiency.

These threat actors sell devices for approximately $500 USDT when loaded with ten compromised payment cards, establishing a clear economic model that incentivizes large-scale operations.

To read the complete article see: Cyber Security News.