Cyber-criminals are increasingly using specialized device spoofing tools built for the Android mobile OS to bypass anti-fraud controls and impersonate compromised account holders.
According to a new report by Resecurity’s Hunter threat intelligence unit, the emerging trend poses significant challenges for online banking, payment systems, advertising networks and online marketplaces worldwide.
“While desktop-based anti-detect browsers have been used by threat actors since at least 2014 to get around account bans and otherwise manipulate systems, the emergence of adversarial mobile OS-based tools represents a new frontier in cyber-criminal innovation,” the company wrote.
Mobile anti-detect tools enable fraudsters to exploit stolen cookie files, manipulate device identifiers and utilize victims’ unique network settings with alarming efficiency. By impersonating legitimate customers, cyber-criminals can also access compromised accounts and carry out fraudulent activities undetected.
“Hunter researchers first mined intelligence about these tools from various underground communities, including XSS (the top Russian cyber-criminal forum on the Dark Web) and several private Telegram groups that provide vetted members access to specialized attack kits frequently used for online banking theft and fraud,” reads the report.
These tools work by altering the data parameters that anti-fraud solutions rely on to authenticate customer identities and identify device fingerprints. By evading these controls, cyber-criminals can effectively carry out online identity fraud, targeting banking websites, e-commerce portals and other online marketplaces.
Resecurity warned that as mobile-based anti-detect tools gain wider adoption, the risk of fraud attacks from sophisticated threat actors exploiting anti-fraud technologies increases.
“Mobile clients are a known ‘blind spot’ for most anti-fraud providers,” the firm wrote. “Financial institutions (FIs) are trying to balance security and user-friendliness for their customers, ultimately enabling them to use various payment services and investment offerings without being blocked.”
In response to these challenges, organizations must develop enhanced fraud mitigation controls and stay updated on the latest trends in cybercrime.
“Stakeholders at FIs, payment firms, and online retailers should stay up to date on the latest fraud trends and look to develop better risk-based mitigation controls that enhance fraud prevention and consumer protection,” concludes the report.
Its publication comes a few months after Armorblox shed light on a new business email compromise (BEC) scheme.