iProov Uncovers Advanced iOS Video Injection Tool for Biometric Fraud

iProov's threat intelligence unit has identified a specialized tool capable of carrying out advanced video injection attacks, raising concerns about the scalability of digital identity fraud. 

The tool appears to originate in China and runs on jailbroken iOS 15 or later devices, giving attackers the ability to bypass weak biometric systems or even exploit verification processes without biometric safeguards altogether.

“The discovery of this iOS tool marks a significant breakthrough in identity fraud and confirms the trend of industrialized attacks,” said Andrew Newell, Chief Scientific Officer at iProov.

The mechanics are fairly direct, if unsettling. An attacker connects a compromised iOS device to a remote server, then injects deepfake media directly into the video feed of an identity verification app. The process never engages the device’s physical camera. Instead, applications are presented with synthetic video—face swaps, motion reenactments, or other forms of AI-generated imagery—that appears live and authentic.

The timing of the discovery is notable. Governments are already scrutinizing the security of digital supply chains, particularly around tools suspected to originate from non-allied nations. The emergence of an iOS-based video injection tool feeds into that broader debate.

To mitigate risks from such attacks, iProov recommends a multi-layered defense approach that confirms:

• The Right Person – verifying identity against trusted records.

• A Real Person – detecting synthetic or manipulated media.

• In Real Time – ensuring interactions are live and not replayed.

• Managed Detection and Response – combining automated defenses with expert oversight.

The organization warns that reliance on single-point verification methods is insufficient against scalable, AI-driven fraud techniques. Multi-layered, adaptive solutions will be required to maintain trust in digital identity systems.