🚀 لقد رفعت CloudSek جولة B1 من السلسلة B1 بقيمة 19 مليون دولار - تعزيز مستقبل الأمن السيبراني التنبؤي
CloudSEK Logo
September 18, 2025

ForgeCraft: Unmasking a China-Linked Operation Selling Counterfeit IDs Across North America

CloudSEK's STRIKE team uncovered a China-linked network selling counterfeit U.S. and Canadian driver's license IDs and SSN cards via 83+ domains, generating $785K+ from 6,500+ fake licenses and 4,500+ unique buyers across North America. Controlled HUMINT traced the threat actor's exact geolocation and facial imagery to China. Backed by shell e-commerce fronts, social media ads, and covert shipping, the operation poses severe risks - potentially enabling fraud, trafficking, SIM swaps, and ultimately threatening U.S. national security - while offering actionable intelligence for disruption.

Authors & Contributors

سوره ماجومدر
إبراهيم الصيفي
Passionate about offensive security and cyber threat intelligence, the author focuses on uncovering real-world vulnerabilities, analyzing cybercrime infrastructure, and assessing business risks through adversarial thinking. With experience in vulnerability chaining, threat monitoring, and dark web reconnaissance, his work contributes to helping organizations strengthen their security posture and proactively address emerging threats.
Downloadable Report

Download the Report

Download the report by clicking below.
The Download will start immediately.

Join our newsletter

Sign up so that you don't miss any updates from us

ForgeCraft: Unmasking a China-Linked Operation Selling Counterfeit IDs Across North America

CloudSEK's STRIKE team uncovered a China-linked network selling counterfeit U.S. and Canadian driver's license IDs and SSN cards via 83+ domains, generating $785K+ from 6,500+ fake licenses and 4,500+ unique buyers across North America. Controlled HUMINT traced the threat actor's exact geolocation and facial imagery to China. Backed by shell e-commerce fronts, social media ads, and covert shipping, the operation poses severe risks - potentially enabling fraud, trafficking, SIM swaps, and ultimately threatening U.S. national security - while offering actionable intelligence for disruption.

This is some text inside of a div block.
استخبارات الخصم

ForgeCraft: Unmasking a China-Linked Operation Selling Counterfeit IDs Across North America

September 18, 2025
This is some text inside of a div block.
min

CloudSEK's STRIKE team uncovered a China-linked network selling counterfeit U.S. and Canadian driver's license IDs and SSN cards via 83+ domains, generating $785K+ from 6,500+ fake licenses and 4,500+ unique buyers across North America. Controlled HUMINT traced the threat actor's exact geolocation and facial imagery to China. Backed by shell e-commerce fronts, social media ads, and covert shipping, the operation poses severe risks - potentially enabling fraud, trafficking, SIM swaps, and ultimately threatening U.S. national security - while offering actionable intelligence for disruption.

سوره ماجومدر
إبراهيم الصيفي
Passionate about offensive security and cyber threat intelligence, the author focuses on uncovering real-world vulnerabilities, analyzing cybercrime infrastructure, and assessing business risks through adversarial thinking. With experience in vulnerability chaining, threat monitoring, and dark web reconnaissance, his work contributes to helping organizations strengthen their security posture and proactively address emerging threats.

Fill Details to Download

Thank You!

Your whitepaper is now downloading...
Oops! Something went wrong while submitting the form.