California-based Resecurity has identified a new spike of underground services enabling bad actors to generate deepfakes.
According to cybersecurity experts, this may be used for political propaganda, foreign influence activity, disinformation, scams, and fraud.
Introduced by Canadian researchers to the public in 2014, Generative Adversarial Networks (GANs), typically imitate people’s faces, speech, and unique facial gestures, they have become known to online communities as DeepFakes.
One of the recently identified underground services – “RealDeepFake”, readily available through Telegram groups. For a small fee, the service allows actors to create a deepfake instance with their selected character which they then apply a voice over from a chosen script, they can also include effects and text. The service leverages technologies such as VoiceR and Lipsing to change the voice so it sounds like the chosen character.
Examples of these DeepFakes include the impersonation of celebrities such as Elon Musk, Snoop Dog, Donald Trump, and The Rock. The scammers are also using DeepFakes to credibly impersonate C-Suite executives in video chats or phone calls to issue fraudulent wire transfer instructions to their colleagues and personnel.
The accelerating rise of deepfake BEC and Phishing Frauds targeting the Web3 community comes amidst the backdrop of Federal Trade Commission reports that American consumers have lost over $1 billion in crypto because of scams since the start of 2021. The experts highlight deepfakes will be likely used by bad actors to provide misleading information about cryptocurrency, as well as Initial Coin Offerings (ICOs), using profiles of celebrities.
Resecurity expects to see more hybrid attacks that combine convincing email and social media blasts, fraudulent mints, and expertly rendered deepfakes of high-profile Web3 influencers to deceive both everyday consumers and crypto professionals alike.
(SecurityAffairs – hacking, Deepfakes)