VentureBeat had the scoop on a fresh Group-IB report. Its researchers discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.
The method — developed by a Chinese-based hacking family — is believed to have been used in Vietnam earlier this month, when attackers lured a victim into a malicious app, tricked them into face scanning, then withdrew the equivalent of $40,000 from their bank account.
These hackers “have introduced a new category of malware families that specialize in harvesting facial recognition data,” Sharmine Low, malware analyst in Group-IB’s Asia-Pacific (APAC) threat intelligence team, wrote in a blog post. “They have also developed a tool that facilitates direct communication between victims and cybercriminals posing as legitimate bank call centers.”
A Whole New Fraud Technique
Face swap deepfake attacks increased by 704% between the first and second halves of 2023, according to a new iProov Threat Intelligence Report. The biometric authentication company also discovered a 672% increase in the use of deepfake media alongside spoofing tools and a 353% increase in the use of emulators (which mimic user devices) and spoofing to launch digital injection attacks.
Furthermore, “cybercriminals are becoming increasingly creative and adept at social engineering,” Low writes. “By exploiting human psychology and trust, bad actors construct intricate schemes that can deceive even the most vigilant users.”
VentureBeat has the full story, including recommendations to help users avoid biometric attacks.