Recent investigations have unveiled a troubling trend where cybercriminals are leveraging illicit tools available on Telegram to circumvent banking security measures. A vivid illustration of this is a money-laundering operation in Cambodia, where an employee of a laundering center manipulates a popular Vietnamese banking app. During a video liveness check designed to verify the user’s identity, the scammer holds up a static image of a woman that bears no resemblance to the actual account owner. This deceptive tactic is made possible by virtual camera technology, which allows users to present pre-recorded videos or images instead of live feeds, effectively bypassing the Know Your Customer (KYC) protocols that financial institutions rely on to prevent fraud.
The ongoing cat-and-mouse game between criminals and the financial services sector has intensified as scammers utilize a range of hacking services advertised on various Telegram channels. A recent investigation by MIT Technology Review identified numerous channels promoting these bypass kits, which claim to enable users to sidestep stringent compliance checks imposed by major banks and cryptocurrency exchanges. These tools often promise to compromise phone operating systems and exploit vulnerabilities within banking applications. Despite Telegram’s efforts to remove such accounts for violating its terms of service, similar marketplaces continue to thrive, showcasing the growing sophistication of cybercrime.
Concurrently, the rise in KYC bypasses correlates with a broader increase in cyber scams, particularly those related to cryptocurrency. Regulatory scrutiny is tightening globally as governments respond to the influx of illicit funds, with countries like Vietnam and Thailand mandating enhanced customer verification and fraud monitoring. According to Chainalysis, the amount stolen through crypto scams surged in recent years, highlighting the urgent need for robust anti-money-laundering measures. Financial institutions named as targets, including Binance and BBVA, acknowledge the challenge posed by these bypass attempts but emphasize their commitment to maintaining secure systems. As this landscape evolves, the cybersecurity community remains vigilant, working to uncover and counteract these increasingly sophisticated attacks on financial safety.
Source: Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram via MIT Technology Review