Connect with us

Hi, what are you looking for?


Attackers are stealing biometrics to access victims’ bank accounts.

Attackers are now resorting to stealing biometric data to gain access to victims’ bank accounts, revealing the vulnerabilities of these supposedly secure authentication methods. A recent discovery by cybersecurity firm Group-IB uncovered the first instance of a banking trojan capable of stealing individuals’ facial data. This new tactic involves tricking users into providing personal information and undergoing face scans, which are then substituted with AI-generated deepfakes to circumvent security measures.

The surge in face swap deepfake attacks underscores the escalating threat posed by biometric vulnerabilities. According to the iProov Threat Intelligence Report, such attacks increased by a staggering 704% in the latter part of 2023. This trend highlights the growing sophistication of cybercriminals, who leverage advanced generative AI tools to create highly convincing deepfakes capable of deceiving both humans and conventional biometric systems.

This concerning development challenges the notion of biometrics as infallible security measures. Gartner predicts that by 2026, 30% of enterprises will no longer consider biometric tools reliable on their own. Compounding the risk is the fact that biometric data, once compromised, cannot be changed like passwords, leaving individuals perpetually vulnerable to exploitation.

The discovery of GoldPickaxe.iOS, a trojan capable of intercepting text messages and collecting facial recognition data, further highlights the evolving threat landscape. Developed by a Chinese-language group known as GoldFactory, this malware targets users across the Asia-Pacific region, particularly the elderly, by masquerading as legitimate government services.

The trojan’s modus operandi involves enticing victims to provide personal information, which is then utilized to create deepfake videos for unauthorized access to bank accounts. While currently prevalent in Thailand and Vietnam, there are indications that the group may expand its operations beyond the APAC region.

To mitigate the risk of biometric attacks, users are advised to exercise caution when interacting with links, downloading apps, and granting permissions. Additionally, maintaining vigilance is crucial for detecting signs of malware infection, such as unusual device behavior and unauthorized data access.

In an era of heightened cyber threats, awareness and proactive security measures are essential to combat evolving attack vectors targeting biometric data and personal information.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Apple is gearing up for a significant refresh of its iPad lineup in 2024, starting with the anticipated launch of the iPad Pro in...


Microsoft Teams had a major hiccup on Friday, causing disruptions and various issues for users. The problem started around 11 a.m. EST and quickly...


JetBlue Airways is considering pulling out of its $3.8 billion acquisition of Spirit Airlines following a federal judge’s blockage of the deal in response...


Tesla is pulling back nearly 200,000 cars in the U.S. over a glitch with the backup camera not kicking in when the car’s in...