By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: On sale: 60,000 stolen digital IDs and “masks” that can be used to bypass anti-fraud systems
Share
Font ResizerAa
TechgoonduTechgoondu
Font ResizerAa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Enterprise > On sale: 60,000 stolen digital IDs and “masks” that can be used to bypass anti-fraud systems
EnterpriseInternetSoftware

On sale: 60,000 stolen digital IDs and “masks” that can be used to bypass anti-fraud systems

Alfred Siew
Last updated: August 13, 2020 at 11:25 PM
Alfred Siew
Published: April 11, 2019
3 Min Read
ILLUSTRATION: Pixabay (Creative Commons)

As many as 60,000 stolen digital identities that lets fraudsters easily assume a victim’s identity and commit credit card fraud have been put on sale online, according to a report by security firm Kaspersky on April 9.

The company said its investigations of a Darknet marketplace called Genesis has shown that hackers have stolen not just regular credit card details that can be detected by anti-fraud systems today, but also the digital “masks” that are used to accurately identify someone online.

A mask could include a number of things, such as a user’s browser or device used to make payments online, for example.

It could also include items such as headers, time zone, installed plugins, which banks can use to check if a user is logging in from his usual device or location.

Now, Kaspersky is saying that hackers have also stolen these “masks” that companies use to confidently identity a user who wants to buy an item or bank online. In other words, they are able to trick anti-fraud systems that are deployed to catch suspicious behaviour or unusual transactions.

These masks, along with user accounts, are being sold for between US$5 and US$200 each on the Genesis e-shop, according to the security firm.

Customers simply buy previously stolen digital masks together with stolen logins and passwords to online shops and payment services, and then launch them through a browser and proxy connection to mimic real user activity, it said.

If they have the legitimate user’s account credentials, the attacker can then access their online accounts or make new, trusted transactions in their name, it added.

“While the industry invests heavily in anti-fraud measures, digital doppelgangers are hard to catch. An alternative way to prevent the spread of this malicious activity is to shut down the fraudsters’ infrastructure,”
said Sergey Lozhkin, a security researcher at Kaspersky Lab.

“That is why we urge law enforcement agencies across the world to pay extra attention to this issue and join the fight,” he added.

Other tools enable attackers to create from scratch their own unique digital masks that won’t trigger anti-fraud solutions.

Kaspersky Lab says its researchers have investigated one such tool – a special Tenebris browser with an embedded configuration generator to develop unique fingerprints.

Once created, the carder can simply launch the mask through a browser and proxy connection and conduct any operations online.

The security firm encourages users to use multi-factor authentication at every stage of user validation processes and consider additional verification, such as biometrics.

Goondu review: Adobe Acrobat X Pro
Starcount brings entertainment charts to social media
StarHub unveils single-rate data roaming service
Outdated on arrival, ERP 2.0 is the type of costly technology project Singapore should avoid
What’s Google really doing in China?
TAGGED:cardingcybersecuritydiigtal IDKaspersky

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Whatsapp Whatsapp LinkedIn Copy Link Print
Avatar photo
ByAlfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Smart city spending in Asia-Pacific to rise in 2019, says IDC
Next Article Camera industry faces uphill battle as smartphones leap ahead with mobile photography
Leave a Comment

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

FacebookLike
XFollow

Latest News

Samsung The Frame Pro (2025) review: Appealing design, excellent images
Audio-visual
July 1, 2025
AWS opens Asia-Pacific innovation hub in Singapore
Enterprise
June 30, 2025
Red Hat pitches open-source software for more efficient AI inference
Enterprise Software
June 27, 2025
Owndays x Huawei Eyewear 2 review: Music on your smart glasses
Audio-visual Mobile
June 26, 2025

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
© 2024 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact
Follow Us!
Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Username or Email Address
    Password

    Lost your password?