iProov warns of new deepfake injection tool for iOS

It’s one thing to sound the alarm about deepfakes and injection attacks, but actually finding and identifying the weapons is another. This is what makes iProov’s latest discovery so intriguing. In a new report, the UK biometrics firm says it has uncovered a “highly specialized tool designed to perform advanced video injection attacks,” which works on modified iOS 15 devices.

“The tool is deployed via jailbroken iOS 15 or later devices and is engineered to bypass weak biometric verification systems – and crucially, to exploit identity verification processes that lack biometric safeguards altogether.” This, says iProov, signals “a shift toward more programmatic and scalable attack methods,” and marks a significant escalation in identity fraud.

And the plot is even thicker: iProov says the tool has “Chinese origins,” which makes the appearance of a sophisticated new injection attack tool “a matter of national security interest.”

Andrew Newell, chief scientific officer at iProov, says “the tool’s suspected origin is especially concerning and proves that it is essential to use a liveness detection capability that can rapidly adapt.”

The iOS video injection attack tool relies on hacked phones that have had native Apple security restrictions removed. The attacker uses a Remote Presentation Transfer Mechanism (RPTM) server to connect their computer to the compromised iOS device. The tool is then ready to inject deepfake content directly into the device’s video stream.

“These can include face swaps, where a victim’s face is superimposed over another video, or motion re-enactments, where a static image is animated using another person’s movements,” says iProov’s post. The process completely bypasses the physical camera by fooling the streaming application into believing the fraudulent video is a genuine feed.

All it takes then is for an injected deepfake to pass identity verification, opening the door to identity theft and fraud.

“To combat these advanced threats, organizations need multilayered cybersecurity controls informed by real-world threat intelligence,” says Newell. The company believes the best protection simultaneously confirms identity verification, liveness detection, a real-time passive challenge-response interaction “to ensure the verification is happening live and is not a replay attack,” and combining advanced technologies with human expertise.

Article Topics

AI fraud  |  biometric liveness detection  |  deepfake detection  |  face swap  |  injection attack detection  |  iOS  |  iProov