Even strong passwords on your device can be compromised, says expert

by Staff Reporter
Dmitry Volkov, CEO of Group-IB

Despite the widespread use of strong passwords and facial recognition technology, these security measures might not be enough to protect against today’s sophisticated cybercriminals, according to an expert.

Speaking to Dubai Newsweek on the sidelines of the launch of the company’s High-Tech Crime Trends Report 2025, Dmitry Volkov, CEO of Group-IB, said that cybercriminals are increasingly exploiting advanced technologies to bypass traditional security measures.

“Cybercriminals are using sophisticated methods like deepfakes to compromise even the most secure systems. It’s no longer just about breaking passwords; it’s about manipulating the very technologies we rely on for security,” Volkov said.

He highlighted how attackers infect mobile devices with malware that interacts with the phone’s camera, allowing cybercriminals to replace a user’s face with a deepfake. This can hijack facial recognition or secure banking transactions, authorizing fraudulent activities.

Volkov pointed out that these vulnerabilities often go unnoticed, as the malware works silently in the background, making it difficult for users to detect any issues before it’s too late.

“A compromised device can bypass strong passwords, rendering security measures almost useless if the attacker has access to the device’s camera and can manipulate the biometric data,” he added.

Volkov also discussed how banks and tech companies can help mitigate these risks.

According to Volkov, banks should consider integrating systems that detect unusual behaviour in users’ interactions with apps, such as monitoring video streams for tampering or identifying abnormal user patterns.

Behavioral analysis

“Behavioral analysis, which looks at how you interact with your device, can be a very effective tool against malware or social engineering tactics,” he said.

While these solutions are still evolving, Volkov believes that behavioral analysis could be a game-changer in preventing fraud and protecting users.

“It’s not just about using a fingerprint or a face scan; it’s about ensuring that the way you use your device hasn’t been hijacked,” he added.

Use of VPNs

In addition to discussing deepfakes, Volkov also shed light on the use of Virtual Private Network (VPNs).

“Free VPN services often come with risks that many users aren’t aware of. While they may appear to offer privacy, they can compromise your security by redirecting your traffic through malicious servers or even selling access to your device’s data to third parties,” he said.

Volkov explained that cybercriminals could exploit free VPNs to hide their location and carry out fraudulent activities, making it difficult for security systems to detect malicious actions.

His comments underline a growing concern in the tech world: even as technology advances, so do the tactics of cybercriminals. With facial recognition, deepfakes, and even VPN vulnerabilities becoming more prevalent, Volkov stressed the importance of continuous innovation in cybersecurity to stay ahead of these evolving threats.

tanvir@dubainewsweek.com

You may also like