https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets
Chinese cybercriminal groups have revitalized the carding industry by turning phished credit card data into mobile wallets, enabling widespread fraud.
These groups utilize sophisticated phishing techniques, primarily through iMessage and RCS, to capture victims’ payment card information and one-time codes used for mobile wallet provisioning. They then link the stolen card data to new mobile wallets on devices they control, often selling these pre-loaded phones in bulk.
These cybercriminals are also using innovative techniques like “ghost tap” software, which relays NFC transactions from anywhere in the world, enabling them to cash out stolen funds at local payment terminals or ATMs.
The phishing operations are highly organized, with vendors selling sophisticated phishing kits that include features like real-time data capture, back-end databases for storing stolen information, and automated tools for creating fake payment card images for easy mobile wallet enrollment.
This resurgence of carding through mobile wallets has resulted in significant financial losses, highlighting the need for enhanced security measures in mobile wallet provisioning and payment systems.