Illicit Telegram Tools Breach Financial Security

A survey has revealed that illicit hacking tools circulating on Telegram are undermining the Know Your Customer (KYC) security of major banks and cryptocurrency exchanges, leading to an increase in money laundering attempts that exploit these vulnerabilities. In a two-month investigation, MIT Technology Review identified over 20 Telegram channels and groups attempting to bypass the security systems of major cryptocurrency exchanges and prominent banks, advertising bypass kits and stolen biometric data.

Cybercriminals are deceiving financial institutions' 'liveness detection' and 'Know Your Customer' (KYC) facial scan procedures using tools like virtual camera software available on Telegram. This is achieved by using other videos or photos instead of a real person's face, thereby facilitating the opening of financial accounts and money laundering.

In one instance, staff at a money laundering center in Cambodia were filmed bypassing a Vietnamese bank app's video 'liveness' check by using a still image. Some of the Telegram channels investigated advertised "all kinds of KYC verification services" in Chinese, Vietnamese, and English, claiming their software kits could circumvent compliance checks for major financial institutions such as Binance and Spain's BBVA.