AVID-2023-V005

Vulnerability from avid – Published: 2023-03-31 – Updated: 2023-03-31 ATLAS Case Study
Summary
This type of camera hijack attack can evade the traditional live facial recognition authentication model and enable access to privileged systems and victim impersonation. Two individuals in China used this attack to gain access to the local government's tax system. They created a fake shell company and sent invoices via tax system to supposed clients. The individuals started this scheme in 2018 and were able to fraudulently collect $77 million.
Risk domain
Security
SEP view
S0403: Adversarial Example
Lifecycle
L06: Deployment
Affected artifacts
References
URL Label
https://atlas.mitre.org/studies/AML.CS0004 Camera Hijack Attack on Facial Recognition System
https://www.wsj.com/articles/faces-are-the-next-t… Faces are the next target for fraudsters

{
  "affects": {
    "artifacts": [
      {
        "name": "Shanghai government tax office\u0027s facial recognition service",
        "type": "System"
      }
    ],
    "deployer": [
      "Shanghai government tax office\u0027s facial recognition service"
    ],
    "developer": []
  },
  "credit": [
    {
      "lang": "eng",
      "value": "Ant Group AISEC Team"
    }
  ],
  "data_type": "AVID",
  "data_version": "0.2",
  "description": {
    "lang": "eng",
    "value": "This type of camera hijack attack can evade the traditional live facial recognition authentication model and enable access to privileged systems and victim impersonation.\n\nTwo individuals in China used this attack to gain access to the local government\u0027s tax system. They created a fake shell company and sent invoices via tax system to supposed clients. The individuals started this scheme in 2018 and were able to fraudulently collect $77 million.\n"
  },
  "impact": {
    "avid": {
      "lifecycle_view": [
        "L06: Deployment"
      ],
      "risk_domain": [
        "Security"
      ],
      "sep_view": [
        "S0403: Adversarial Example"
      ],
      "taxonomy_version": "0.2"
    }
  },
  "last_modified_date": "2023-03-31",
  "metadata": {
    "vuln_id": "AVID-2023-V005"
  },
  "problemtype": {
    "classof": "ATLAS Case Study",
    "description": {
      "lang": "eng",
      "value": "Camera Hijack Attack on Facial Recognition System"
    },
    "type": "Advisory"
  },
  "published_date": "2023-03-31",
  "references": [
    {
      "label": "Camera Hijack Attack on Facial Recognition System",
      "type": "source",
      "url": "https://atlas.mitre.org/studies/AML.CS0004"
    },
    {
      "label": "Faces are the next target for fraudsters",
      "type": "source",
      "url": "https://www.wsj.com/articles/faces-are-the-next-target-for-fraudsters-11625662828"
    }
  ],
  "reports": null
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…