banks, financial services providers and cryptocurrency platforms, and their customers deepfake…

MITRE ATLAS flags deepfake KYC threat using face-swap tools. The published scenario outlines how attackers can use widely available face-swap tools and virtual camera software to inject deepfake imagery into mobile onboarding journeys, bypass so-called liveness checks and complete identity verification under a false identity. The team first gathered identity data and high-definition facial images of targets from online sources. They then used Faceswap, a desktop application that applies generative AI, to create live face-swapped videos. The Red Team next configured Open Broadcaster Software to stream these videos. They added Virtual Camera: Live Assist, an Android app that replaces the phone's default camera feed with an incoming video stream. The system accepted the feed, and the liveness check did not flag the session as suspicious. This process enabled successful authentication under a fictitious identity.