AI-Powered Face Swapping and Its Threat to Biometric Security

Mr. Shrey Madaan
Mr. Shrey Madaan
Research Associate, CyberPeace Foundation
PUBLISHED ON
Feb 23, 2024
10

Introduction

As we delve deeper into the intricate, almost esoteric digital landscape of the 21st century, we are confronted by a new and troubling phenomenon that threatens the very bastions of our personal security. This is not a mere subplot in some dystopian novel but a harsh and palatable reality firmly rooted in today's technologically driven society. We must grapple with the consequences of the alarming evolution of cyber threats, particularly the sophisticated use of artificial intelligence in creating face swaps—a technique now cleverly harnessed by nefarious actors to undermine the bedrock of biometric security systems.

What is GoldPickaxe?

It was amidst the hum of countless servers and data centers that the term 'GoldPickaxe' began to echo, sending shivers down the spines of cybersecurity experts. Originating from the intricate web spun by a group of Chinese hackers as reported in Dark Reading. GoldPickaxe represents the latest in a long lineage of digital predators. It is an astute embodiment of the disguise, blending into the digital environment as a seemingly harmless government service app. But behind its innocuous facade, it bears the intent to ensnare and deceive, with the elderly demographic being especially susceptible to its trap.  

Victims, unassuming and trustful, are cajoled into revealing their most sensitive information: phone numbers, private details, and, most alarmingly, their facial data. These virtual reflections, intended to be the safeguard of one's digital persona, are snatched away and misused in a perilous transformation. The attackers harness such biometric data, feeding it into the arcane furnaces of deepfake technology, wherein AI face-swapping crafts eerily accurate and deceptive facsimiles. These digital doppelgängers become the master keys, effortlessly bypassing the sentinel eyes of facial recognition systems that lock the vaults of Southeast Asia's financial institutions.

Through the diligent and unyielding work of the research team at Group-IB, the trajectory of one victim's harrowing ordeal—a Vietnamese individual pilfered of a life-altering $40,000—sheds light on the severity of this technological betrayal. The advancements in deep face technology, once seen as a marvel of AI, now present a clear and present danger, outpacing the mechanisms meant to deter unauthorized access, and leaving the unenlightened multitude unaware and exposed.

Adding weight to the discussion, experts, a potentate in biometric technology, commented with a somber tone: 'This is why we see face swaps as a tool of choice for hackers. It gives the threat actor this incredible level of power and control.' This chilling testament to the potency of digital fraudulence further emphasizes that even seemingly impregnable ecosystems, such as that of Apple’s, are not beyond the reach of these relentless invaders.

New Threat

Emerging from this landscape is the doppelgänger of GoldPickaxe specifically tailored for the iOS landscape—GoldDigger's mutation into GoldPickaxe for Apple's hallowed platform is nothing short of a wake-up call. It engenders not just a single threat but an evolving suite of menaces, including its uncanny offspring, 'GoldDiggerPlus,' which is wielding the terrifying power to piggyback on real-time communications of the affected devices. Continuously refined and updated, these threats become chimeras, each iteration more elusive, more formidable than its predecessor.

One ingenious and insidious tactic exploited by these cyber adversaries is the diversionary use of Apple's TestFlight, a trusted beta testing platform, as a trojan horse for their malware. Upon clampdown by Apple, the hackers, exhibiting an unsettling level of adaptability, inveigle users to endorse MDM profiles, hitherto reserved for corporate device management, thereby chaining these unknowing participants to their will.

How To Protect

Against this stark backdrop, the question of how one might armor oneself against such predation looms large. It is a question with no simple answer, demanding vigilance and proactive measures. 

General Vigilance : Aware of the Trojan's advance, Apple is striving to devise countermeasures, yet individuals can take concrete steps to safeguard their digital lives.

Consider Lockdown Mode:  It is imperative to exhibit discernment with TestFlight installations, to warily examine MDM profiles, and seriously consider embracing the protective embrace of Lockdown Mode. Activating Lockdown Mode on an iPhone is akin to drawing the portcullis and manning the battlements of one's digital stronghold. The process is straightforward: a journey to the settings menu, a descent into privacy and security, and finally, the sanctification of Lockdown Mode, followed by a device restart. It is a curtailment of convenience, yes, but a potent defense against the malevolence lurking in the unseen digital thicket.

As 'GoldPickaxe' insidiously carves its path into the iOS realm—a rare and unsettling occurrence—it flags the possible twilight of the iPhone's vaunted reputation for tight security. Should these shadow operators set their sights beyond Southeast Asia, angling their digital scalpels towards the U.S., Canada, and other English-speaking enclaves, the consequences could be dire.

Conclusion

Thus, it is imperative that as digital citizens, we fortify ourselves with best practices in cybersecurity. Our journey through cyberspace must be cautious, our digital trails deliberate and sparse. Let the specter of iPhone malware serve as a compelling reason to arm ourselves with knowledge and prudence, the twin guardians that will let us navigate the murky waters of the internet with assurance, outwitting those who weave webs of deceit. In heeding these words, we preserve not only our financial assets but the sanctity of our digital identities against the underhanded schemes of those who would see them usurped.

References 

PUBLISHED ON
Feb 23, 2024
Category
TAGS
No items found.

Related Blogs

Alarming statistics on Sextortion
Alarming statistics on Sextortion
10
October 20, 2023

Introduction:

The Federal Bureau of Investigation (FBI) focuses on threats and is an intelligence-driven agency with both law enforcement and intelligence responsibilities. The FBI has the power and duty to look into certain offences that are entrusted to it and to offer other law enforcement agencies cooperation services including fingerprint identification, lab tests, and training. In order to support its own investigations as well as those of its collaborators and to better comprehend and address the security dangers facing the United States, the FBI also gathers, disseminates, and analyzes intelligence.

The FBI’s  Internet Crime Complaint Center (IC3) Functions combating cybercrime:

  1. Collection: Internet crime victims can report incidents and notify the relevant authorities of potential illicit Internet behavior using the IC3. Law enforcement frequently advises and directs victims to use www.ic3.gov to submit a complaint.
  2. Analysis: To find new dangers and trends, the IC3 examines and examines data that users submit via its website.
  3. Public Awareness: The website posts public service announcements, business alerts, and other publications outlining specific frauds. Helps to raise awareness and make people become aware of Internet crimes and how to stay protected.
  4. Referrals: The IC3 compiles relevant complaints to create referrals, which are sent to national, international, local, and state law enforcement agencies for possible investigation. If law enforcement conducts an investigation and finds evidence of a crime, the offender may face legal repercussions.

Alarming increase in cyber crime cases:

In the recently released 2022 Internet Crime Report by the FBI's Internet Crime Complaint Center (IC3), the statistics paint a concerning picture of cybercrime in the United States. FBI’s Internet Crime Complaint Center (IC3) received 39,416 cases of extortion in 2022. The number of cases in 2021 stood at 39,360.

FBI officials emphasize the growing scope and sophistication of cyber-enabled crimes, which come from around the world. They highlight the importance of reporting incidents to IC3 and stress the role of law enforcement and private-sector partnerships.

About Internet Crime Complaint Center IC3:

IC3 was established in May 2000 by the FBI to receive complaints related to internet crimes.

It has received over 7.3 million complaints since its inception, averaging around 651,800 complaints per year over the last five years. IC3's mission is to provide the public with a reliable reporting mechanism for suspected cyber-enabled criminal activity and to collaborate with law enforcement and industry partners. 

The FBI encourages the public to regularly review consumer and industry alerts published by IC3. An victim of an internet crime are urged to submit a complaint to IC3, and can also file a complaint on behalf of another person. These statistics underscore the ever-evolving and expanding threat of cybercrime and the importance of vigilance and reporting to combat this growing challenge.

What is sextortion?

The use or threatened use of a sexual image or video of another person without that person’s consent, derived from online encounters or social media websites or applications, primarily to extort money from that person or asking for sexual favours and giving warning to distribute that picture or video to that person’s friends, acquaintances, spouse, partner, or co-workers or in public domain. 

Sextortion is an online crime that can be understood as, when an bad actor coerces a young person into creating or sharing a sexual image or video of themselves and then uses it to get something from such young person, such as other sexual images, money, or even sexual favours. Reports highlights that more and more kids are being blackmailed in this way. Sextortion can also happen to adults. Sextortion can also take place by taking your pictures from social media account and converting those pictures into sexually explicit content by morphing such images or creating deepfake by miusing deepfake technologies.

Sextortion in the age of AI and advanced technologies:

AI and deep fake technology make sextortion even more dangerous and pernicious. A perpetrator can now produce a high-quality deep fake that convincingly shows a victim engaged in explicit acts — even if the person has not done any such thing. 

Legal Measures available in cases of sextortion:

In India, cybersecurity is governed primarily by the Indian Penal Code (IPC) and the Information Technology Act, 2000 (IT Act). Addressing cyber crimes such as hacking, identity theft, and the publication of obscene material online, sextortion and other cyber crimes. The IT Act covers various aspects of electronic governance and e-commerce, with providing provisions for defining such offences and providing punishment for such offences.

Recently Digital Personal Data Protection Act, 2023 has been enacted by the Indian Government to protect the digital personal data of the Individuals. These laws collectively establish the legal framework for cybersecurity and cybercrime prevention in India. Victims are urged to report the crime to local law enforcement and its cybercrime divisions. Law enforcement will investigate sextortion cases reports and will undertake appropriate legal action.  

How to stay protected from evolving cases of sextortion: Best Practices:

  • Report the Crime to law enforcement agency and social media platform or Internet service provider. 
  • Enable Two-step verification as an extra layer of protection.
  • Keep your laptop Webcams covered when not in use.
  • Stay protected from malware and phishing Attacks.
  • Protect your personal information on your social media account, and also monitor your social media accounts in order to identify any suspicious activity. You can also set and review privacy settings of your social media accounts.

Conclusion:

Sextortion cases has been increased in recent time. Knowing the risk, being aware of rules and regulations, and by following best practices will help in preventing such crime and help you to stay safe and also avoid the chance of being victimized. It is important to spreading awareness about such growing cyber crimes and empowering the people to report it and it is also significant to provide support to victims. Let’s all unite in order to fight against such cyber crimes and also to make life a safer place on the internet or digital space.

References:

#FactCheck – Dissecting False Claim: Free Recharge Deception with PM's Name.
#FactCheck – Dissecting False Claim: Free Recharge Deception with PM's Name.
10
January 28, 2024

Executive Summary:

The internet is a nest of scams and there's much need to be careful with predatory ideas that prey on the naïve people. Within the recent days, a malicious campaign has emerged falsely alleging 28 day free recharge by courtesy of the Prime Minister Narendra Modi. This blog seeks to analyze the tactics used by this scam in luring the victims and give an overview on how one can identify and keep away from such fraudulent activities.

Claim:

In view of the increasing support for the BJP 2024 election, a rumor has allegedly claimed that the Prime Minister Narendra Modi offering a free recharge with a validity period of up-to twenty eight days at cost of ₹239  to all Indian users. The message encourages the users to click on a given link in order to redeem the free recharge, pointing out that this offer is valid until January 26th of 2024.

The Deceptive Journey:

  • Insecure Links:The research begins with a suspicious link (http://offerintro[.]com/BJP2024), without any credibility that honest sites use to protect the user information. We should keep in mind that the links which aren’t secure may easily lead to phishing and other  cyber threats.
  • Multiple Redirects:When users click the link, they are immediately directed through a series of links. This common tactic used by scammers is designed to hide the true origin of their fraudulent scheme, making it difficult for users' efforts to identify the malicious activity.
  • False Promises and Fake Comments:The landing page has a banner of the Prime Minister Narendra Modi that makes it look like this is an official channel and hence authentic. Further, false comments can be also included to compliment the alleged initiative. But remember that genuine government announcements are made through legal channels, not by the shady websites.
  • Mobile Number Request:As the next step, the users enter their mobile numbers in the specified field. True initiatives never really need the personal information to pass through unofficial lines. This is actually a trick that scammers use to acquire the important information.
  • Share to Activate:Once a user has entered the mobile number, he/she is prompted to share the link with others in order to “activate” promised free recharge. This method is most often used by scammers for spreading their fraudulent message beyond the targeted victim.
  • Fake Progress Display:When the users have done their part by sharing the link, a false recharge in progress  bar is shown to make them believe that it has started. But the consumers are unwittingly playing a part in the fraud.
  • Recharge Completion Pop-up:The last stage of fraud includes a pop-up saying that the recharge is done; leaving users with the false belief that they have benefited from a legitimate government initiative.

What we Analyze :

  • It is important to note that at this particular point, there has not been any official declaration or a proper confirmation of an offer made by the Prime Minister or from their government. So, people must be very careful when encountering such messages because they are often employed as lures in phishing attacks or misinformation campaigns. Before engaging or transmitting such claims, it is always advisable to authenticate the information from trustworthy sources in order to protect oneself online and prevent the spread of wrongful information.
  • The campaign is hosted on a third party domain instead of any official Government Website, this raised suspicion. Also the domain has been registered in very recent times.

  • Domain Name: offerintro[.]com
  • Registry Domain ID: 2791466714_DOMAIN_COM-VRSN
  • Registrar WHOIS Server: whois.godaddy[.]com
  • Registrar URL: https://www.godaddy[.]com
  • Registrar: GoDaddy[.]com, LLC
  • Registrar IANA ID: 146
  • Updated Date: 2023-06-18T20:37:20Z
  • Creation Date: 2023-06-18T20:37:20Z
  • Registrar Registration Expiration Date: 2024-06-18T20:37:20Z
  • Name Server: ANAHI.NS.CLOUDFLARE.COM
  • Name Server: GARRETT.NS.CLOUDFLARE.COM

CyberPeace Advisory:

  • Stay Informed: Beware of the scams and keep yourself updated through authentic government platforms.
  • Verify Website Security: Do not get engaged with any insecure HTTP links but focus on URLs that have secure encryption (HTTPS).
  • Protect Personal Information: However, be cautious when sharing personal information – especially in a non-official channel.
  • Report Suspicious Activity: If you discover any scams or fraudulent activities, report it and the relevant sites to help avoid others from being defrauded of their hard earned money.

Conclusion:

Summing up, Prime Minister Narendra Modi Free Recharge fraud is an excellent illustration that there is always some danger within cyberspace. The way of the method, from insecure links and also multiple redirects to false promises and really data collection make it clear that internet users should be more careful. The importance of staying up-to-date with what is happening in this new digital world, verifying credibility and also privacy are paramount. By being cautiously aware, the people can keep themselves safe from such fraudulent acts and also play a role in ensuring security even for an online world. Remember that an offer which is in a perfect world should be illegal. Therefore, after doing a thorough research we found this campaign to be fake.


Centre Designates I4C as an Agency to Notify Unlawful Activities in the Cyber World
Centre Designates I4C as an Agency to Notify Unlawful Activities in the Cyber World
10
March 16, 2024

Introduction

Indian Cybercrime Coordination Centre (I4C) was established by the Ministry of Home Affairs  (MHA) to provide a framework and eco-system for law enforcement agencies (LEAs) to deal with cybercrime in a coordinated and comprehensive manner. The Indian Ministry of Home Affairs approved a scheme for the establishment of the Indian Cyber Crime Coordination Centre (I4C) in October2018, which was inaugurated by Home Minister Amit Shah in January 2020. I4C is envisaged to act as the nodal point to curb Cybercrime in the country. Recently, on 13th March2024, the Centre designated the Indian Cyber Crime Coordination Centre (I4C) as an agency of the Ministry of Home Affairs (MHA) to perform the functions under the Information Technology Act, 2000, to inform about unlawful cyber activities.

The gazetted notification dated 13th March 2024 read as follows:

“In exercise of the powers conferred by clause (b) of sub-section (3) of section 79 of the Information Technology Act 2000, Central Government being the appropriate government hereby designate the Indian Cybercrime Coordination Centre (I4C), to be the agency of the Ministry of Home Affairs to perform the functions under clause (b) of sub-section (3) of section79 of Information Technology Act, 2000 and to notify the instances of information, data or communication link residing in or connected to a computer resource controlled by the intermediary being used to commit the unlawful act.”

Impact

Now, the Indian Cyber Crime Coordination Centre (I4C) is empowered to issue direct takedown orders under 79(b)(3) of the IT Act, 2000. Any information, data or communication link residing in or connected to a computer resource controlled by any intermediary being used to commit unlawful acts can be notified by the I4C to the intermediary. If an intermediary fails to expeditiously remove or disable access to a material after being notified, it will no longer be eligible for protection under Section 79 of the IT Act, 2000.

Safe Harbour Provision

Section79 of the IT Act also serves as a safe harbour provision for the Intermediaries. The safe harbour provision under Section 79 of the IT Act states that "an intermediary shall not be liable for any third-party information, data, or communication link made available or hosted by him". However, it is notable that this legal immunity cannot be granted if the intermediary "fails to expeditiously" take down a post or remove a particular content after the government or its agencies flag that the information is being used to commit something unlawful. Furthermore, Intermediaries are also obliged to perform due diligence on their platforms and comply with the rules & regulations and maintain and promote a safe digital environment on the respective platforms.

Under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, The government has also mandated that a ‘significant social media intermediary’ must appoint a Chief Compliance Officer (CCO), Resident Grievance Officer (RGO), and Nodal Contact Person and publish periodic compliance report every month mentioning the details of complaints received and action taken thereon.

I4C's Role in Safeguarding Cyberspace

The Indian Cyber Crime Coordination Centre (I4C) is actively working towards initiatives to combat the emerging threats in cyberspace. I4C is one of the crucial extensions of the Ministry of Home Affairs, Government of India, working extensively to combat cyber crimes and ensure the overall safety of netizens. The ‘National Cyber Crime Reporting Portal’ equipped with a 24x7 helpline number 1930,  is one of the key component of the I4C.

Components Of The I4C

  1. National Cyber Crime Threat Analytics Unit
  2. National Cyber Crime Reporting Portal
  3. National Cyber Crime Training Centre
  4. Cyber Crime Ecosystem Management Unit
  5. National Cyber Crime Research and Innovation Centre
  6. National Cyber Crime Forensic Laboratory Ecosystem
  7. Platform for Joint Cyber Crime Investigation Team.

Conclusion

I4C, through its initiatives and collaborative efforts, plays a pivotal role in safeguarding cyberspace and ensuring the safety of netizens. I4C reinforces India's commitment to combatting cybercrime and promoting a secure digital environment. The recent development by designating the I4C as an agency to notify the instances of unlawful activities in cyberspace serves as a significant step to counter cybercrime and promote an ethical and safe digital environment for netizens.

References

Become a part of our vision to make the digital world safe for all!

Numerous avenues exist for individuals to unite with us and our collaborators in fostering  global cyber security

Awareness

Stay Informed: Elevate Your Awareness with Our Latest Events and News Articles Promoting Cyber Peace and Security.

CyberPeace Corps Induction Workshop
The Missing Link Trust to combat online child trafficking
Cyber Safety Carnival
Safer Internet Day 2023
Facebook hit with fresh user data leak, claim researchers
State’s first ever eSports League Championship by CyberPeace
India-US CEO Forum Launches Bilateral Knowledge-Sharing Platform For Startups And MSMEs
Rise of Humanoids: The next great unfolding for the humanity

Engagement

Your institution or organization can partner with us in any one of our initiatives or policy research activities and complement the region-specific resources and talent we need.

Discover ways to collaborate
Request for Proposals

Play your part for CyberPeace

Donate to us directly to help us build more pioneering initiatives.

Donate Now