Crooks are selling “Digital Doppelgangers” to bypass anti-fraud protection

Financial Crimes to Reach an Unprecedented High by 2023 if Dark Web marketplaces like Genesis are allowed to Operate- Researchers Claim.

According to the latest research from Juniper Research, cybercriminals have developed a wide range of advanced tools to help users evade machine learning-based anti-fraud systems. On the other hand, Kaspersky Lab researchers have identified that there is a shop on the Dark Web where more than 60,000 digital doppelgangers are traded, and the same cybercriminals own the shop who have developed the anti-fraud system bypass tools.

See: Dark web hacker selling admin access to a Chinese railway company

Juniper Research claims that online payment frauds will reach over $43 billion by the year 2023, which means the losses will almost double from the amount in 2018, which was $22 billion. In their blog post, Kaspersky researchers wrote that this isn’t very surprising given the level of advancement cybercriminals have reached in developing malicious software and security evasion tools:

“This is not surprising – every day cyber criminals develop new methods and tools to bypass anti-fraud protection systems, they develop malware to help them in their activities, create services and stores, discuss ways to defeat protection mechanisms on dark web forums and channels.”

Genesis, the Dark Web marketplace, is one such place where criminals can easily trade digital doppelgangers and facilitate users in committing all sorts of frauds. With over 60,000 legitimate digital identities up for sale, carrying out credit card fraud will become very convenient.

Crooks are selling "Digital Doppelgangers" to bypass anti-fraud protection
Genesis marketplace homepage

The primary purpose behind Genesis is to help users abuse digital doppelgangers that are part of the machine learning-based anti-fraud systems. This is the same technology that is commonly used in online security mechanisms where users are required to enter their personal, financial, and payment-related information while making online transactions.

For your information, every user is assigned a unique digital doppelganger that is a combination of the digital fingerprints stored on the device, which include IP address both local and external, GPU information, firmware version, WebRTC IPs, and TCP/IP fingerprinting, etc.

These masks are commonly used for making online payments using advanced analytics and machine learning that assesses different factors like user’s behavior and individual cookies. These digital doppelgangers can be bought by Genesis customers and they can easily hijack authentic online shoppers.

Kaspersky Lab researchers noted that the advanced anti-fraud solutions can assess the social network accounts of a user including different behavioral aspects such as the time spent on an online store website as well as touchscreen or mouse behavior.

See: 235 members of dark web money counterfeiting gang busted

Researchers also identified that on the Genesis Dark Web marketplace user accounts and digital doppelgangers are sold between $5 and $200 per account. Customers can buy digital masks along with login credentials of online payment services and shops.

Furthermore, they can launch the credentials via a browser and proxy connection. Genesis owners have also developed a .crx plugin for Chromium-based browsers including Microsoft’s recently released Edge Chromium, which can be used to install stolen digital doppelgangers in their browser and mimic user activity.

Crooks are selling "Digital Doppelgangers" to bypass anti-fraud protection
Genesis fingerprint generator

“After that, the bad guy only needs to connect to a proxy server with an IP address from the victim’s location and he can bypass the anti-fraud systems’ verification mechanisms, pretending to be a legitimate user,” researchers noted.

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.

Related Posts