Its customers simply buy previously stolen digital masks together with stolen logins and passwords to online shops and payment services and then launch them through a browser and proxy connection to mimic real user activity. If they have the legitimate user’s account credentials, the attacker can then access their online accounts or make new, trusted transactions in their name.

Kaspersky Lab has published the results of an investigation into Genesis - an e-shop that is trading over 60,000 stolen and legitimate digital identities, making successful credit card fraud that is much easier to conduct. In February 2019, Kaspersky Lab research uncovered the Genesis Darknet marketplace – an online shop selling stolen digital masks and user accounts at prices ranging from 5 to 200 each. These masks are unique to each user and combine the fingerprints of devices and browsers commonly used to make payments/bank online (like screen and OS information, a range of browser data like headers, time zone, installed plugins, window size etc.Other tools enable attackers to create from scratch Rubber gasket Manufacturers their own unique digital masks that won’t trigger anti-fraud solutions. This marketplace, as well as other malicious tools, involve abusing the machine-learning based anti-fraud approach of ‘digital masks’: a unique, trusted customer profile based on known device and behaviour characteristics. Once created, the carder can simply launch the mask through a browser and proxy connection and conduct any operations online.

That way, the financial organizations’ anti-fraud teams can determine whether it is truly us entering our credentials, or a malicious carder trying to buy goods using a stolen card, and either approve or deny the transaction or send it on for further analysis.However, the digital mask can be copied or created from scratch, and Kaspersky Lab’s investigation has found that cybercriminals are actively using such digital doppelgangers to bypass advanced anti-fraud measures.

This marketplace involves abusing the machine-learning based anti-fraud approach of ‘digital masks.. Kaspersky Lab researchers have investigated one such tool, a special Tenebris browser with an embedded configuration generator to develop unique fingerprints.) with advanced analytics and machine learning (the individual user’s cookies, online and computer behavior, etc. The digital mask can be copied or created from scratch, and Kaspersky Lab’s investigation has found that cybercriminals are actively using such digital doppelgangers to bypass advanced anti-fraud measures.Every time we enter our financial, payment and personal information in an online transaction, advanced, analytics, machine learning anti-fraud solutions match us against something called a digital mask