The payment fraud landscape is experiencing a resurgence of 'carding' through sophisticated Near Field Communication (NFC) relay attacks, which combine social engineering and custom mobile malware to bypass contactless payment security measures, enabling unauthorized transactions. A critical emerging trend is the proliferation of Malware-as-a-Service (MaaS) platforms, primarily operated by Chinese-speaking threat actors, who develop and distribute advanced NFC relay capabilities as turn-key solutions to global affiliates, facilitating complex card-present fraud schemes on an unprecedented scale and leading to arrests in the U.S. and EU. This MaaS operational model, featuring affiliate networks and advanced tools, signifies a critical evolution in financial threats, alarming global financial institutions and necessitating urgent adaptation of fraud prevention strategies. The discussion will explore MaaS operations, presenting key findings from the Supercard X analysis, including its technical capabilities, and examining the implications for the payment industry, with mitigation strategies and actionable intelligence such as actor communications and distinct Tactics, Techniques, and Procedures (TTPs) being shared. Furthermore, the talk will reveal how developers of well-known Android banking trojans are integrating NFC relay functionalities to enhance their cash-out techniques, providing attendees with a deep dive into NFC Relay MaaS, exclusive threat intelligence, and an understanding of the evolving fraud landscape, including the operational models, tools, and TTPs employed by modern NFC Relay MaaS platforms, as well as the systemic risks posed to global financial institutions and the urgent need for adaptive security postures.

DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
5.4K views

DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
11.1K views

DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
8.5K views

DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
3.6K views

DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
5.4K views

DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
6.4K views