AVID-2023-V005

Description

Camera Hijack Attack on Facial Recognition System

Details

This type of camera hijack attack can evade the traditional live facial recognition authentication model and enable access to privileged systems and victim impersonation.

Two individuals in China used this attack to gain access to the local government’s tax system. They created a fake shell company and sent invoices via tax system to supposed clients. The individuals started this scheme in 2018 and were able to fraudulently collect $77 million.

References

• Camera Hijack Attack on Facial Recognition System
• Faces are the next target for fraudsters

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0403: Adversarial Example
• Lifecycle stages: L06: Deployment

Affected or Relevant Artifacts

• Developer:
• Deployer: Shanghai government tax office’s facial recognition service
• Artifact Details:

  Type	Name
  System	Shanghai government tax office’s facial recognition service

Other information

• Vulnerability Class: ATLAS Case Study
• Credits: Ant Group AISEC Team
• Date Published: 2023-03-31
• Date Last Modified: 2023-03-31
• Version: 0.2
• AVID Entry