Cybersecurity News in Asia

Features
- Featured
  
  Moving away from reactive cybersecurity to preemptive, continuous AI-powered cyber vigilance
  
  Monday, January 12, 2026, 10:01 AM Asia/Singapore | Features, Newsletter
- Featured
  
  Leveraging digital twins to combat rising AI-powered threats
  
  Thursday, January 8, 2026, 1:58 PM Asia/Singapore | Features
- Featured
  
  Editor's pick: Cybersecurity trends in 2026
  
  Wednesday, January 7, 2026, 10:36 AM Asia/Singapore | Cyberthreat Landscape, Features, Newsletter
Opinions
Tips
Whitepapers
Awards 2025
Directory
E-Learning

Deepfake injection tool exploits fully jailbroken iOS devices to bypass biometric-fraud defenses

By CybersecAsia editors | Tuesday, September 30, 2025, 11:15 AM Asia/Singapore

The tool injects synthetic videos into identity checks, bypassing physical cameras to enable sophisticated digital impersonation and fraud schemes

A newly identified tool capable of injecting deepfake content directly into compromised iOS devices highlights the growing sophistication of digital identity fraud techniques.

The tool operates by exploiting jailbroken Apple devices (fully rooted) running iOS 15 or later, enabling attackers to bypass normal security protections and insert manipulated video streams into applications, particularly those using biometric authentication.

Unlike traditional spoofing, which involves showing a falsified video or image to a camera, the technique manipulates the underlying video feed. The process involves:

connecting a compromised iPhone or iPad to a server controlled by the attacker
channeling synthetic media into the device, and can include face-swapping videos or motion re-enactments in which a victim’s still image is animated with another person’s movements
circumventing the physical camera input, using a special method to insert synthetic media (such as deepfake content) into applications such as biometric verification systems, to mislead applications on the device into treating the injected deepfake as a live video feed

The scale and automation potential of this method make it especially concerning for identity verification systems with weak or absent biometric safeguards. Successful use of the tool could allow fraudsters to impersonate legitimate users or manufacture synthetic identities capable of navigating digital verification checks.

Researchers have noted that the tool is suspected to have been developed in China, although attribution could not be independently confirmed. Its emergence, however, comes as states and businesses remain concerned about the national security implications of advanced identity fraud tools and the broader risks tied to manipulated video and generative AI.

The discovery, announced on 18 September 2025 by iProov, underscores the inadequacy of single-layer verification methods, which can be more easily bypassed by increasingly advanced injection techniques. Their analysts stress the importance of multi-layered defenses, combining biometric checks with real-time liveness detection and continuous monitoring, to detect synthetic media before it can compromise authentication systems.

According to their chief scientist Andrew Newell: “The tool’s suspected origin is especially concerning and proves that it is essential to use a liveness detection capability that can rapidly adapt,” alluding to a possible shift towards “industrialized attacks”.