Con Them With Kohli

It is a face you have seen hundreds of times over the last few months. The man in the video has been all over the news as well as social media. But what catches your eye is that this same man is now endorsing a game you had never heard of. The man in question is Anant Ambani, and the game is called Aviator.

While the debate over the ethics of celebrities promoting betting apps rages on, a new threat has now come to light - deepfake videos of celebrities endorsing a cyber-scam spanning two continents under the guise of a betting game. Researchers at CloudSEK, a cybersecurity solutions and research firm headquartered in Bengaluru, on Friday published the findings of their research into a highly organized and well-executed scam making use of Artificial Intelligence (AI) generated videos of public figures.

In an exclusive interaction with FPJ, CloudSEK’s researchers broke down how the scam leverages deepfake technology to create convincing videos that promote the fraudulent mobile gaming app.

“It all began with a closer look at whether cricketer Virat Kohli’s images were being misused, as such scams often misuse the popularity of those who are in the news or the talk of the town,” recalled Gagan S, researcher at CloudSEK.

“From there, it was a rabbit hole, with an entire hoard of AI generated deepfakes in the Facebook ads library.”  

Facebook, as well as other Meta-owned products like WhatsApp and Instagram, let users convert their posts into paid ads, boosting their reach in exchange for money. The Facebook ad library is a repository of all such ads that are in circulation at any given point in time. CloudSEK found scammers have created deepfake videos featuring Virat Kohli, Anant Ambani, Neeraj Chopra, Cristiano Ronaldo, Ryan Reynolds, YouTuber James Donaldson, Mr. Beast, and industrialist Mukesh Ambani’s son Anant.

Gagan says “Kohli was selected because he gave a lot of interviews after recent successful cricket matches. Anant and Mukesh Ambani were selected because Anant’s wedding made them the most talked about family. Ryan Reynolds was chosen because of the runaway success of his films, Deadpool and Wolverine.”

Scammers had also created an entire spoof of Google Play, the official platform where Android users download and update all their apps. Every ad, made using a deepfake video, has a link, which takes the victim to the fake Google Play page. Here, the victims are able to download and install the Aviator app. The ‘game’ itself is simple; you bet money when the plane on the screen is about to take off. Once it does, the longer it stays in the air, the more profit you make on your ‘investment.’If it crashes before you withdraw your winnings, you lose everything. The game, however, is rigged and the users lose more than they win, thereby being tempted to bet more so that they can win back what they lost.

“We installed and ran the app in a safe environment (a setting where no one loses money or no data is lost) and were able to monitor the activity connected to it. At one point, we saw nearly 2500 people using it. The data suggest that this app has been in circulation since early September, and based on this, at least 25,000 to 50,000 people are suspected to have fallen prey to it,” Gagan told FPJ.

CloudSEK found that the scam's mastermind, using the pseudonym "The Maestro," is orchestrating a complex network of phishing domains, fake news channels, and social media campaigns to deceive unsuspecting victims. The scam has spread rapidly across India, Pakistan, Nigeria, Saudi Arabia, and other regions, targeting millions. The scammers also manipulate footage of well known Indian news anchors to generate convincing news bulletin clips. These fake news segments claim that the Aviator mobile game is helping people from all walks of life earn money easily. CloudSEK has found over 1,000+ phishing domains created daily, most domains originating from Belize. CloudSEK says the technology used for creating the deepfakes is ridiculously simple.

“All you need to do,” said Gagan, “is take any of the scores of existing videos of the celebrity from the internet. These have their voice as well as their facial movements when they speak. You feed these videos into the AI generator and then enter a pre-written script of what you want to make the celebrities say. The AI does the rest, very convincingly.”

There are bots on Telegram and generator software on the dark web that can generate AI deepfakes for a few hundred rupees per video. CloudSEK said it would be making this technology available to the public in the form of a free-to-use tool, to help identify and prevent such fraudulent activities. Named the Deepfake Detector, the tool uses advanced algorithms to analyze videos and identify signs of manipulation, including inconsistencies in facial expressions, audio patterns, and textures.

Published on: Sunday, October 06, 2024, 09:27 AM IST