Rise of Synergistic threats: Deception, face swap, GenAI, and obscure Crypto DEX, following the trail of evasive iOS and Android apps

Synergistic refers to the idea that combined elements or efforts produce a greater effect together than the sum of their individual effects. Synergistic threats refer to how the interaction or cooperation of multiple individually innocuous-looking elements results in an outcome that would be classified as a threat once those elements are combined. Add Generative AI (GenAI) into the mix, and the threat becomes more potent and dangerous.

We have noticed that in the last few years, with the advance of technology, there has been a rise of threats that only look malicious when you combine their elements. These include fake reward-based e-shopping apps, fraud apps, and fake romance and investment scam apps.

A relatively new shopping, investment, or cryptocurrency app wouldn’t look malicious until you check its source, how it was distributed, how social engineering was used to get it installed, and finally learn that victims lost money.

These operations run in several stages, from choosing victims, to deceiving app store reviewers, to social engineering, and finally to using multiple wallets, obscure decentralised exchanges, and money mules to extract the money.

With the advance and availability of GenAI, we have observed and read about increased use of face swapping with AI-generated images, auto-generated text and voice for communication, and script generation.

In this presentation, we will –

  • Discuss what Synergistic mobile threats are and why we think they are increasingly difficult to identify.
  • Discuss the different types and stages of Synergistic threats.
  • Show how they appear innocuous and change after approval to evade app store reviews.
  • Discuss GenAI use: freely available tools, screenshots sent by victims, and adverts for GenAI tools used by threat actors.
  • Discuss the money trail used by threat actors, including obscure cryptocurrency DEXs.

Jagadeesh Chandraiah – SophosLabs

Jagadeesh Chandraiah is a senior malware researcher at SophosLabs, specializing in mobile malware analysis. He has been working at SophosLabs for over 10 years. He started working on Windows malware analysis and is currently focusing on mobile and Mac malware analysis. He has a master’s degree in computer systems security from the University of South Wales.

Jagadeesh likes to track malware and to research and find novel ways to detect and remediate it. He is a frequent contributor to the Sophos X-Ops blog and has written blog posts on several malware topics. He also regularly presents his research at international security conferences and, in the past, has presented at DeepSec, AVAR, CARO, and Virus Bulletin. Outside of work, Jagadeesh enjoys playing badminton.