Camera intervention to bypass biometric authentication, selling 1,000 bank accounts

When users authenticate their faces to log in, Dat's group's tool could hijack the camera, block live images, and replace them with their own portrait photos.

Thanh Hoa Provincial Police's Security Investigation Agency announced on 24/6 that it has prosecuted and temporarily detained eight people. They face charges related to the illegal collection, storage, and sale of bank account information; unauthorized access to computer and telecommunications networks; and using electronic means to appropriate property.

The suspects and exhibits from the case. Photo: Police provided

Authorities accuse Nguyen Tien Dat, 22 years old, residing in Long Bien ward, Hanoi, of leading this group. Dat established connections with numerous individuals in Hanoi, Ninh Binh, Son La, Bac Ninh, and TP HCM to collect, buy, and rent a large number of bank accounts.

From 9/2025 to 6/2026, Dat, along with Hoang Duc Manh, 22 years old, also from Long Bien ward, collected, stored, and sold over 1,000 bank accounts, illegally profiting billions of dong.

To expand operations, Dat built a network of accomplices in various localities. They sold or rented bank accounts along with a tool designed to bypass biometric authentication to others.

According to the investigation agency, the group's notable tactic involved using a software tool capable of deep intervention into phone devices. When a user performed facial authentication for logging in or making bank transactions, this tool could hijack the camera, block the live image feed, and replace it with a portrait photo already stored on the phone.

Through this method, Dat and his accomplices reportedly bypassed bank biometric security, using these "junk" accounts for illegal activities such as gambling, money laundering, illicit advertising, and other violations.

In addition to Dat and Manh, the investigation agency identified Nguyen Minh Hoang (Tan Vinh Loc commune, TP HCM), Du Ngoc Tien (Ban Co ward, TP HCM), Pham Quang Yen (Liem Tuyen ward, Ninh Binh province), Dinh Ngoc Tung (Bo De ward, Hanoi), Lo Truong Giang (Chieng Sinh ward, Son La province), and Nguyen Thi Thu Thao (Cao Duc commune, Bac Ninh province) as participants in the network, each with different roles.

Police warn that buying, selling, renting, or lending bank accounts, citizen identification cards, or personal information not only carries the risk of being exploited for fraud and money laundering but can also lead to criminal prosecution for those involved.

The public should not install applications, software, or tools from unknown sources, access strange links, or grant device control permissions to unidentified applications. Users need to regularly update their operating systems and banking applications. They should also inspect their devices if they detect unusual signs, such as the device heating up, rapid battery drain, the camera activating automatically, or the appearance of unfamiliar applications.

For financial organizations and banks, authorities propose continued upgrades to security systems and improvements in biometric recognition technology. This includes enhancing the ability to detect simulated images and videos to prevent bypass attempts during electronic transactions.

Le Hoang

By VnExpress: https://vnexpress.net/can-thiep-camera-de-qua-mat-xac-thuc-sinh-trac-hoc-ban-1-000-tai-khoan-ngan-hang-5090374.html