As the AI universe expands, so have the cybercriminals that use AI for hacking. Recent reports are showing that bank attacks using AI has increased over 400%, with savvy criminals staying ahead of anti-fraud measures. Another report for 2025 has identified 1,243 financial brands as their main targets in 90 countries and 34 active malware families. iPhone and Android users make up a large bulk of mobile phones and this group is the most vulnerable for AI financial attacks.
To understand the veracity and power behind these attacks one needs to comprehend the speed at which threat actors are adapting. In the past it would take weeks of reverse engineering by skilled coders; and now, it takes only hours. AI has enabled variants to be generated more quickly than the detection programs can offer responses. Each level of these attacks is becoming cheaper and more difficult to halt.
Darksword in an iPhone hack exploit chain that is a no-app-install and no-click. It only requires visiting the website and the device that’s used becomes instantly compromised. Hackers are using development that is AI-assisted so that the harmful malware is faster, cheaper and more easily available.
GoldPickAxe is a Chinese-developed malware that works across Android and iOS devices. It acts like an app from government service so that it tricks users to be able to scan their faces. The threat actors can then use the scans for the creation of deepfakes that will cut through the type of biometric checks for security that banks use. While this malware is mostly used in Southeast Asian countries, it’s anticipated to spread. Faceswaps are now an easy tool for hackers.
Even the most diligent security systems are now being crossed over as the technology for deepfake has officially caught up and superseded mechanisms for biometric authentication. AI has enabled cybercriminals to have speed, accuracy, control and power.
The Bank of Thailand has taken this problem head on. The bank has created massive policy changes that require major transactions and new accounts to have facial recognition, the adjustment of daily transfer limits including limitation caps on large transfers, and email and SMS changes.
For the general public this almost seems like yet another daunting task. The best way the average mobile phone user can protect themselves is to make use of security that involves multi-authentication with multiple layers of technologies designed for cybersecurity. This can include MFA (multifactor authentication) that is a prevention tool built in to curb any attacks before they happen.
Biometrics such as fingerprint or facial scanning have become a preferred authentication process for security. This is especially true for use with smart devices that access online apps and accounts. In a 2023 survey it was found that 27% of those responding used biometrics in varying countries. Another survey showed that around 60% of those responding within the cybersecurity and IT leaders in the U.S. included biometrics as their expected replacement for passwords in the workplace.
“As the world transitions to new methods of cyber protection there will be an uptick of what we all consider to be “normal.” We are currently making the transition to the highest advances in biometrics so that all of our devices can be protected and our private data can be secure.”
– Sharon Knowles, CEO DaVinci Cybersecurity
Source:
https://share.newsbreak.com/i0766jox?s=i16
https://www.eset.com/blog/en/home-topics/cybersecurity-protection/protect-phone-face-stealing-scams
