Hackers spoofed biometric authentication videos to steal millions in China

facial-recognition-database

A Chinese government facial recognition ID authentication tool recently was hacked, according to media reports. The biometric data stolen was used to create fake tax invoices.

High-resolution images of people were made to look live, for the crime, with each “nodding, shaking, blinking and opening their mouths,” according to the South China Morning Post, presumably to beat a biometric presentation attack detection (PAD) system

According to Morning Post, reporting on an article in the Xinhua Daily Telegraph, the sophisticated biometric spoof attack and theft is being attributed to a pair of hackers with the surname Wu and Zhou.

They allegedly netted 500 million yuan, or US$76.2 million, operating for less than two years. Shanghai authorities in January posted online that the two had been prosecuted.

The Morning Post reported that the team purchased biometric information on the black market. Armed with the personal data and augmented pictures, the hackers used a shell company to send fraudulent tax invoices to the company’s “clients.”

The hackers hijacked phone cameras so that people would try to authenticate themselves with video, but that information went nowhere.

The Morning Post also reports online services for defeating face biometric systems are available for 30 to 250 yuan ($4.58 to $38.15).

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   | 

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Research

Biometrics White Papers

Biometrics Events

Explaining Biometrics