Kaspersky’s Global Research and Analysis Team (GReAT) have uncovered adverts on the darknet offering real-time video and audio deepfake services. Prices reportedly start at $50 for fake videos and $30 for fabricated voice messages, with costs rising based on the complexity and duration of the content. These findings were made after analysing multiple Russian- and English-language platforms.
Previously, Kaspersky had identified deepfake creation services on darknet platforms which ranged from $300 to $20,000 per minute. Unlike these previous services, the current offerings allow threat actors to generate fake audio and video content in real-time at a fraction of the price. The adverts feature several options, including real-time face swapping during video calls on videoconference platforms or messengers, face replacement for verification, and camera feed replacement on devices.
The authors of the posts claim that they can provide software that syncs a person’s facial expressions in a video with text, even in foreign languages, along with tools for voice cloning and for adjusting tone and timbre to convey specific emotions. However, it is quite likely that many of these adverts are scams intended to defraud interested buyers.
“We are not only seeing ads offering ‘deepfake-as-a-service,’ but also a clear demand for these tools. Malicious actors are actively experimenting with AI and incorporating it into their operations. Some platforms feature more sophisticated capabilities: for instance, malicious LLMs created entirely from scratch, independent of publicly available models, which run locally. While these technologies do not introduce fundamentally new cyber threats, they can significantly enhance cyber attackers’ capabilities. In this context, cybersecurity experts must work hard to counter these threats. One of the most promising ways to meet this challenge is to leverage AI to boost both the productivity of security professionals and the effectiveness of defensive measures,” comments Dmitry Galov, head of the Kaspersky Global Research and Analysis Team in Russia and CIS.
To stay safe, Kaspersky recommends:
- Ensuring your company has effective cybersecurity measures in place, not just protective solutions, but also skilled IT specialists. Use Kaspersky Threat Intelligence to identify threats that could impact your business.
- Making sure employees understand deepfakes and why they are a serious threat and provide regular training on how to spot them. The Kaspersky Automated Security Awareness Platform can help boost digital literacy.
- Teaching staff to recognise key signs of deepfakes: jerky movements, inconsistent lighting between frames, unnatural skin tones, unusual or missing blinking, image distortions, and videos intentionally shot in low quality or poor lighting.
