Home » Database



Camera Hijack Attack on Facial Recognition System


This type of camera hijack attack can evade the traditional live facial recognition authentication model and enable access to privileged systems and victim impersonation.

Two individuals in China used this attack to gain access to the local government’s tax system. They created a fake shell company and sent invoices via tax system to supposed clients. The individuals started this scheme in 2018 and were able to fraudulently collect $77 million.


AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0403: Adversarial Example
  • Lifecycle stages: L06: Deployment

Affected or Relevant Artifacts

  • Developer:
  • Deployer: Shanghai government tax office’s facial recognition service
  • Artifact Details:
    SystemShanghai government tax office’s facial recognition service

Other information

  • Vulnerability Class: ATLAS Case Study
  • Credits: Ant Group AISEC Team
  • Date Published: 2023-03-31
  • Date Last Modified: 2023-03-31
  • Version: 0.2
  • AVID Entry