EPISODE · Nov 13, 2025 · 4 MIN
Billion-Dollar Phishing Frenzy Fuels US Scam Crackdown as Ghost Tap Stalks Payment Cards
from Digital Dragon Watch: Weekly China Cyber Alert · host Inception Point AI
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here, your digital dragon slayer on the Weekly China Cyber Alert. Buckle up—because the past seven days have been pure cyber-chaos in the world of China-linked hacks, scams, and behind-the-scenes defensive moves. Let’s get right to the highlights, starting with a billion-dollar troublemaker. Google just dropped a legal nuke in the Southern District of New York—suing a China-based cyber gang behind a Phishing-as-a-Service platform called Lighthouse. Think of Lighthouse as the Amazon Prime of online scams; instead of delivering deals, it delivers SMS phishing at industrial scale. Over a million victims, across 120 countries, tricked by fake E-ZPass and USPS messages. Lighthouse doesn’t bother reinventing the wheel—it rents out cloned login screens from Google, banks, and delivery services. Netcraft tracked over 17,000 phishing domains linked to this syndicate, and Palo Alto Networks says they’ve fired off nearly 200,000 malicious domains since January, targeting everything from banks to—get this—state police. The hits just keep coming, because Lighthouse isn’t alone. These PhaaS operations—Lighthouse, Lucid, Darcula—are interconnected, constantly evolving, and worse: syndicates like the Smishing Triad may have slurped data tied to up to 115 million U.S. payment cards over the last year. The new trick? Ghost Tap, used to load your stolen card right into a digital wallet—so by the time you notice the double-charged lattes, your card’s gone global. US government response? This week, after dollar losses soared from crypto “pig butchering” to classic phishing, the Department of Justice and Treasury teamed up on the new Scam Center Strike Force. They’re bringing DOJ, FBI, OFAC, and State together, aiming to whack these scam compounds at every level—prosecution, infrastructure takedowns, asset freezes, working with allies, the works. Treasury’s even sanctioned Burma-based networks that have strong ties to Chinese cybercrime syndicates. It’s the biggest, most coordinated counter-scam push in recent memory. Meanwhile, the threat’s not just financial. Socket’s security researchers busted malicious NuGet packages—published under the Chinese-flavored alias shanhai666—that silently sabotage industrial systems and PLCs. These packages were designed so cleverly that they can crash safety-critical infrastructure, cause random failures masked as hardware glitches, and even corrupt data without detection for years. Sharp7Extend, one of the nastiest, waits for months or years after installation, then triggers silent write failures and random process kills—imagine the headaches for industrial plants and supply chains. And let’s not skip the international espionage angle—just yesterday, Andrew Shearer, the chief of Australia’s spy agency, warned that Chinese hackers are actively probing critical networks Down Under, hunting for both secrets and sabotage opportunities. That’ This content was created in partnership and with the help of Artificial Intelligence AI.
What this episode covers
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here, your digital dragon slayer on the Weekly China Cyber Alert. Buckle up—because the past seven days have been pure cyber-chaos in the world of China-linked hacks, scams, and behind-the-scenes defensive moves. Let’s get right to the highlights, starting with a billion-dollar troublemaker. Google just dropped a legal nuke in the Southern District of New York—suing a China-based cyber gang behind a Phishing-as-a-Service platform called Lighthouse. Think of Lighthouse as the Amazon Prime of online scams; instead of delivering deals, it delivers SMS phishing at industrial scale. Over a million victims, across 120 countries, tricked by fake E-ZPass and USPS messages. Lighthouse doesn’t bother reinventing the wheel—it rents out cloned login screens from Google, banks, and delivery services. Netcraft tracked over 17,000 phishing domains linked to this syndicate, and Palo Alto Networks says they’ve fired off nearly 200,000 malicious domains since January, targeting everything from banks to—get this—state police. The hits just keep coming, because Lighthouse isn’t alone. These PhaaS operations—Lighthouse, Lucid, Darcula—are interconnected, constantly evolving, and worse: syndicates like the Smishing Triad may have slurped data tied to up to 115 million U.S. payment cards over the last year. The new trick? Ghost Tap, used to load your stolen card right into a digital wallet—so by the time you notice the double-charged lattes, your card’s gone global. US government response? This week, after dollar losses soared from crypto “pig butchering” to classic phishing, the Department of Justice and Treasury teamed up on the new Scam Center Strike Force. They’re bringing DOJ, FBI, OFAC, and State together, aiming to whack these scam compounds at every level—prosecution, infrastructure takedowns, asset freezes, working with allies, the works. Treasury’s even sanctioned Burma-based networks that have strong ties to Chinese cybercrime syndicates. It’s the biggest, most coordinated counter-scam push in recent memory. Meanwhile, the threat’s not just financial. Socket’s security researchers busted malicious NuGet packages—published under the Chinese-flavored alias shanhai666—that silently sabotage industrial systems and PLCs. These packages were designed so cleverly that they can crash safety-critical infrastructure, cause random failures masked as hardware glitches, and even corrupt data without detection for years. Sharp7Extend, one of the nastiest, waits for months or years after installation, then triggers silent write failures and random process kills—imagine the headaches for industrial plants and supply chains. And let’s not skip the international espionage angle—just yesterday, Andrew Shearer, the chief of Australia’s spy agency, warned that Chinese hackers are actively probing critical networks Down Under, hunting for both secrets and sabotage opportunities. That’ This content was created in partnership and with the help of Artificial Intelligence AI.
NOW PLAYING
Billion-Dollar Phishing Frenzy Fuels US Scam Crackdown as Ghost Tap Stalks Payment Cards
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.