Connect with us

Hi, what are you looking for?

HEADLINES

Underground e-shop trades over 60,000 stolen and legitimate digital identities

Kaspersky Lab has published the results of an investigation into Genesis — an e-shop that is trading over 60,000 stolen and legitimate digital identities, making successful credit card fraud much easier to conduct. This marketplace as well as other malicious tools involve abusing the machine-learning based anti-fraud approach of “digital masks” — unique, trusted customer profiles based on known device and behavior characteristics.

Every time we enter our financial, payment and personal information in an online transaction, advanced, analytic, machine learning anti-fraud solutions match us against something called a digital mask.

Such a mask is unique to each user and combine the fingerprints of devices and browsers commonly used to make payments/bank online (like screen and OS information, a range of browser data like headers, time zone, installed plugins, window size, etc.) with advanced analytics and machine learning (the individual user’s cookies, online and computer behavior, etc.).

That way, the financial organizations’ anti-fraud teams can determine whether it is truly us entering our credentials, or a malicious carder trying to buy goods using a stolen card, and either approve or deny the transaction, or send it on for further analysis.

Advertisement. Scroll to continue reading.

However, a digital mask can be copied or created from scratch and Kaspersky Lab’s investigation has found that cybercriminals are actively using such digital doppelgangers to bypass advanced anti-fraud measures.

In February 2019, Kaspersky Lab’s research uncovered the Genesis Darknet marketplace — an online shop selling stolen digital masks and user accounts at prices ranging from $5 to $200 each (260 to 10,000 pesos in local currency, to date ). Its customers simply buy previously stolen digital masks together with stolen logins and passwords to online shops and payment services, and then launch them through a browser and proxy connection to mimic real user activity. If they have the legitimate user’s account credentials, the attacker can then access their online accounts or make new, trusted transactions in their name.

“We see a clear trend of carding fraud increasing around the world. While the industry invests heavily in anti-fraud measures, digital doppelgangers are hard to catch. An alternative way to prevent the spread of this malicious activity is to shut down the fraudsters’ infrastructure. That is why we urge law enforcement agencies across the world to pay extra attention to this issue and join the fight,” said Sergey Lozhkin, security researcher, Kaspersky Lab.

Other tools enable attackers to create from scratch their own unique digital masks that won’t trigger anti-fraud solutions. Kaspersky Lab researchers have investigated one such tool, a special Tenebris browser with an embedded configuration generator to develop unique fingerprints. Once created, the carder can simply launch the mask through a browser and proxy connection and conduct any operations online.

In order to enhance security, Kaspersky Lab recommends businesses implement the following measures:

Advertisement. Scroll to continue reading.

·        Enable multi-factor authentication at every stage of user validation processes.

·        Consider introducing new methods of additional verification, such as biometrics.

·        Harness the most advanced analytics for user behavior.

·       Integrate Threat Intelligence feeds into SIEM and other security controls in order to get access to the most relevant and up-to-date threat data, and to prepare for possible future attacks.

A blog summarizing the Digital Doppelgangers threat can be found on Securelist.

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The cybersecurity landscape is fast changing, and businesses across all industries as well as consumers are facing evolving threats to their data and privacy....

HEADLINES

Pondering on the significant events and trends that shaped the financial threats’ sector in 2021, Kaspersky researchers have forecasted several important tendencies expected to...

HEADLINES

As organizations worldwide slow down for the holidays as well as find themselves in work environment transitions - with many returning to pre-pandemic in-office...

HEADLINES

Deep learning models have reached the point where they can train themselves to enable security systems to predict threats before they happen.

SOFTWARE

MicroWorld's latest offering aims to reinvent cybersecurity in the face of an ever-evolving threat landscape, especially in light of the ongoing pandemic. The cyber...

HEADLINES

When you compare the immense financial losses that a breached company suffers with the much smaller-scale financial transactions taking place on these criminal forums,...

HEADLINES

The vast majority (70%) of all IT teams said the number of phishing emails hitting their employees increased during 2020. This rose to 82%...

HEADLINES

According to WorldRemit, there are four industry-wide scams that Filipinos should be aware of this 2021: “email scams, online dating scams, shopping scams and...

Advertisement