The Cyber Threat Research Lab at network security company Cato Networks (Cato CTRL) has unmasked a new tool in the cybercriminal underworld capable of beating two-factor authentication (2FA).
The deepfake tool from threat actor ProKYC is being sold to cybercriminals as a way of circumventing the security systems of cryptocurrency exchanges.
It works by using deepfake video to get around 2FA security used to approve new users, enabling criminals to create new verified accounts which they can then use for activities such as money laundering.
Cato CTRL points out that, according to the American Association of Retired Persons (AARP), the growing problem of new account fraud resulted in $5.3 billion in losses last year.
The tool uses deepfake technology to create a fake person. The image is then used to counterfeit a photo document such as a passport, and a video of the fake person shown in that document is created to attempt to pass online facial recognition challenges.
According to Cato CTRL, the criminal initiates an account fraud attack by connecting to a cryptocurrency exchange and uploading the forged document.
They are then asked to open their computer’s camera to perform facial recognition as part of the exchange’s authentication process. Instead, the tool allows the criminal to connect the created video as if it were the camera’s input.
Cato CTRL points out that cryptocurrency exchanges and other organisations are not helpless to prevent these attacks, although simply tightening the authentication process may not always produce the best results for cryptocurrency exchanges.
The more restrictive the biometric authentication system, the greater the number of false-positive alerts, says Etay Maor, chief security strategist at Cato Networks.
But there are telltale signs that a document, picture, or video is fake, he adds. “One example is picture quality. A picture, and especially a video, which is very high quality is indicative of a digitally forged file. Another example is glitches in facial parts and inconsistency in eye and lip movement during biometric authentication. They should be treated as suspicious and manually verified by a human.”