Hackers steal faces to create deepfakes and empty bank accounts

Hackers steal faces to create deepfakes and empty bank accounts

EXECUTIVE SUMMARY:

A new form of mobile malware is designed to harvest personal information, including facial biometric data, which hackers then process for the purpose of generating deepfakes. Once the deepfakes are deployed, they deceive electronic security systems, allowing hackers to break into bank accounts and disappear with the funds.

The hackers are also impersonating local bank representatives and government organizations, as this multi-part malware scheme relies on the provisioning of select verbal commands. One early victim of the scheme lost approximately $40,000, according to police.

Biometric data theft

Known as GoldPickaxe, the malware is disguised as one of roughly two dozen apps. The malware can steal photos stored on a device, request information from users during a supposed app onboarding process, and prompt people to photograph both sides of an official identity card, which allows the app to gather profile pictures. All data is then sent to an attacker-controlled cloud bucket.

Cyber security researchers believe that the Chinese-speaking threat actor group called GoldFactory is likely responsible for the malware. The group is also known for the creation of GoldDigger, GoldDiggerPlus and GoldKefu — all banking trojans.

“The gang has well-defined processes and operational maturity and constantly enhances its tool set to align with the targeted environment, showing a high proficiency in malware development,” says malware analyst Andrey Polovinkin.

Asia-Pacific risk

At present, GoldFactory predominately targets people in the Asia-Pacific region. Police have identified victims in Vietnam and Thailand.

In March of 2023, Thailand’s central bank ordered banks around the nation to comply with new mobile banking security requirements. This involves the use of biometric authentication whenever someone attempts to open a new bank account or attempts to facilitate digital financial transfers of more than 50,000 bhat. GoldPickaxe emerged three months after these security measures were implemented, seemingly in an effort to circumvent them.

Given the ubiquity of facial recognition as an access and security feature across banks, both in Asia and elsewhere, the malware threatens to become a global menace. GoldPickaxe-like malware could be adopted by other threat groups and/or incorporated into existing malware strains.

GoldPickaxe is available for both Android and iOS, which is extremely rare. In general, Apple iOS blocks the installation of unapproved apps.

In this case, attackers attempt to socially engineer victims into installing the malware — either via Apple’s online TestFlight service (for app beta-testing) or by allowing a device to be enrolled in an attacker-controlled mobile device management program.

Why this malware is effective

This malware is effective for two reasons: The first is that deepfake technology is now more sophisticated, it’s “smarter,” than biometric authentication mechanisms.

Facial recognition systems that don’t use 3D data are relatively easy to bypass using images.

The second is that the vast majority of security professionals, product developers and the general public lack awareness of the fact that deepfakes can fool biometrics-based systems.

Further thoughts

This malware remains in an active stage of evolution. Ensure that you and your organization stay up-to-date regarding the latest cyber threats. Subscribe to the CyberTalk.org newsletter here.

Lastly, for more threat intelligence insights, please download Check Point’s 2024 Security Report.

Sony Testing PC Support For PlayStation VR2

Sony Testing PC Support For PlayStation VR2

PlayStation VR2 launched in February of last year and while its debut featured new first-party titles like Horizon Call of the Mountain, our favorites on the new platform featured previously released titles like Resident Evil Village. Since that launch, support for the platform has been sparse, to say the least, especially from PlayStation itself. However, Sony has revealed it is currently testing PC support for PS VR2, with hopes to make that support available this year. 

“[We’re] pleased to share that we are currently testing the ability for PS VR2 players to access additional games on PC to offer even more game variety in addition to the PS VR2 titles available through PS5,” a new PlayStation Blog post published today reads. “We hope to make this support available in 2024, so stay tuned for more updates.”

[embedded content]

The rest of the blog goes on to detail new and upcoming titles coming to PS VR2, but those are going to be playable with PlayStation 5 consoles. However, it sounds like PC support, which could open up a flood gate for new VR content, might arrive later this year. 

For more about the hardware, read Game Informer’s PS VR2 review, and then read Game Informer’s Horizon Call of the Mountain review. After that, read about why Resident Evil Village is the PS VR2’s best exclusive, and then check out these 10 games to play using your VR headset

Are you interested in PC support for PS VR2? Let us know in the comments below!

Defending Democracy In Helldivers 2 | GI Live

Defending Democracy In Helldivers 2 | GI Live

Alien bugs, killer robots, and more threaten the infallible democracy of Super Earth – it’s up to us to defend her! Join Marcus Stewart, Kyle Hilliard, and (eventually) Alex Van Aken as they squad up in Helldivers 2. Their freedom-fueled campaign result is a tumultuous, bamboozling, action-packed, and, ultimately, hilarious romp. For more on Helldivers 2, be sure to check out our glowing review

[embedded content]

To watch more of our livestreams, video podcasts, and series such as Super Replay, be sure to visit and subscribe to our second YouTube channel, Game Informer Shows. Head over to our flagship Game Informer YouTube channel for more previews, reviews, and discussions of new and upcoming games. 

Nier Creator Yoko Taro Reportedly Teases Nier 3 At Series Orchestra Concert

Nier Creator Yoko Taro Reportedly Teases Nier 3 At Series Orchestra Concert

Nier series creator Yoko Taro reportedly teased a third Nier game during the Nier: Orchestra Concert earlier this month. As reported by Eurogamer, during the concert, which celebrated the Nier series’ music in London, Taro apparently made a surprise appearance and asked for people to clap and cheer as loudly as they could so that Square Enix president Takashi Kiryu – in attendance – could hear the demand for more Nier, according to one fan at the event. 

However, the biggest tease of the night came from an on-screen word that appeared multiple times throughout “the story of the show,” SanTheSly, the fan in attendance, writes on ResetEra

[embedded content]

“[The] word REPENT was shown repeatedly as part of some dialogue,” SanTheSly writes. “The final instance was spelled as R3PENT. Both me and the person I’d gone with picked up on it and wondered if this was a tease.” 

That sounds like a tease to us; otherwise, why else change the word “repent” to randomly feature a “3.” However, some fans of the series already consider Nier Reincarnataion, a mobile gacha game shutting down in April, to be the third game in the series. On that timeline, Nier (and its remastered Nier: Replicant counterpart) is the first in the franchise and Nier: Automata the second. If Nier Reincarnation isn’t the true third Nier game, perhaps Taro was teasing that could be on the way – Nier Repent does have a nice ring to it. 

[Source: Eurogamer]

Do you want a third Nier game? Let us know in the comments below!

Ender Lilies Sequel Ender Magnolia: Bloom of the Mist Enters Early Access Next Month

Ender Lilies Sequel Ender Magnolia: Bloom of the Mist Enters Early Access Next Month

During last week’s Nintendo Direct: Partner Showcase, it was revealed that the 2021 action Metroidvania Ender Lilies: Quietus of the Knight is getting a sequel in the form of Ender Magnolia: Bloom of the Mist. The initial trailer provided a vague 2024 launch window, but we now know it’s hitting Steam Early Access first on March 26. 

Ender Magnolia: Bloom in the Mist is set within the same universe as Ender Lilies but takes place in the magically saturated Land of Fumes. A mind-warping toxin has been unleashed from the magic-infused soil and dangerous Homunguli ravages the land. It’s up to protagonist Lilac, an “Attunder” capable of cleansing Homunguli, to save the day. You can check out the game’s new trailer below.

[embedded content]

Like Ender Lilies, Ender Magnolia is a dark fantasy Metroidvania in which Lilac is paired with another entity who actually handles the killing: a Spirit Reaper capable of killing Homunguli, which, in turn, adds their abilities to your arsenal. The sprawling 2D adventure tasks players with discovering hidden collectibles, gear, and items to bolster their ability to tackle a variety of bosses.

While it’s unknown exactly how long Ender Magnolia will be in Early Access, Ender Lilies also went through an Early Access phase that wound up working to the game’s benefit. Ender Magnolia: Bloom in the Mist is slated to launch for PlayStation and Xbox platforms as well as Switch later this year. In the meantime, you can read our positive review of the Ender Lilies: Quietus of the Knight here.