Jinkusu Deepfake Tool Compromises KYC Security in Crypto and Banking
Severity: High (Score: 64.5)
Sources: Mexc.Co, Cryptonews, Coinmarketcap, Mexc
Summary
A new AI cybercrime tool named JINKUSU CAM is being sold by a threat actor known as 'Jinkusu' to bypass Know Your Customer (KYC) checks on major crypto exchanges like Binance, Coinbase, and Kraken, as well as banking platforms. This tool employs real-time deepfake technology for facial and voice manipulation, enabling attackers to present fabricated identities during verification processes. It utilizes advanced features such as GPU-based face swapping and voice modulation to evade biometric systems, posing significant risks to financial services. Security experts warn that the tool could facilitate large-scale fraud and synthetic identity theft. The emergence of such deepfake tools is seen as a wake-up call for the industry, highlighting vulnerabilities in existing KYC systems. The tool's capabilities extend to enabling romance scams, which have previously resulted in billions in losses. The threat actor Jinkusu is also linked to the Starkiller phishing kit released earlier in 2026, indicating a broader trend of sophisticated cybercrime tools targeting financial platforms. Key Points: • JINKUSU CAM can bypass KYC checks on major crypto exchanges and banks using deepfake technology. • The tool's advanced features include real-time face swapping and voice modulation, making detection difficult. • Jinkusu is suspected to be connected to previous cybercrime tools, indicating a trend of increasing sophistication.
Key Entities
- Malware (attack_type)
- Phishing (attack_type)
- Binance (company)
- Coinbase (company)
- OKX (company)
- ElevenLabs (company)
- Kraken (ransomware_group)
- Iran (country)
- Financial (industry)
- Starkiller (tool)
- Chrome (tool)
- Docker (tool)
- Gfpgan (tool)
- Headless Chrome (tool)
- T1056 - Input Capture (mitre_attack)
- T1566.002 - Spearphishing Link (mitre_attack)
- T1566 - Phishing (mitre_attack)
- Android (platform)