NewsBizkoot.com

Category: Cybersecurity & CyberSurvellience

  • Jharkhand CID Dismantles International Cyber Slavery Network

    Ranchi: On August 8, 2024, the Criminal Investigation Department (CID) in Ranchi, Jharkhand, announced the arrest of two agents involved in trafficking victims for cyber slavery in Southeast Asia. These agents, operating in collusion with Indian and Chinese nationals, lured individuals with fake job offers and forced them to work in scam centers in Cambodia, Thailand, and Laos.

    Arrests and Investigations
    The CID launched an extensive investigation following numerous complaints from victims misled by promises of lucrative job opportunities abroad. These victims found themselves trapped in scam centers in Cambodia, specifically in Sihanoukville, and in Chiang Rai, Thailand. They were coerced into participating in cyber scams under threats and inhumane conditions.

    The investigation tracked financial transactions and communication networks, coordinating with the Protector of Emigrants and the Regional Passport Office. This coordination provided crucial information about unregistered recruitment agents in Jharkhand. Based on this information, two agents were arrested: Waseem Khan from Giridih and Yamuna Kumar Rana from Koderma. Evidence linking them to the trafficking ring and their overseas counterparts was seized.

    SIMILAR STORIES : Kerala Police Busts Cyber Gang: 04 Arrested, Wanted in 501 Cases Across 30 States and UTs

    Modus Operandi
    The victims were contacted by unregistered agents offering data entry jobs in Cambodia, Laos, and Thailand. They were asked to deposit money for visas and tickets and were sent to Cambodia through Vietnam and Thailand. Upon arrival, they were trained in scam operations and instructed to create fake accounts on social media platforms to lure potential victims with attractive investment offers. The victims were then forced to work under harsh conditions, with their passports seized and freedom restricted.

    Public Awareness and Safety
    The CID advises individuals to exercise caution when dealing with overseas job offers, especially those that seem too good to be true. Verifying the authenticity of such offers through official channels is crucial to avoiding falling victim to these schemes. The CID encourages people to report any details regarding agents involved in trafficking to cyberps@jhpolice.gov.in or mobile: 7004974707.

    ALSO READ: Banking Frauds? TRAI’s ‘160’ is Your Safety Net
    Recovery
    During the operation, the CID recovered incriminating evidence, including a mobile number, passbook, checkbooks related to transactions, a laptop, a pen drive, and biodata, passport, and visa details of people sent abroad.

    Photographs
    The CID shared photographs of the scam centers operating in Sihanoukville, Cambodia, as provided by rescued victims. These centers are located in the LONG FENG XUAN CASINO.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

     

     

  • Top 10 Daily Cybercrime Brief by FCRF [03.08.2024]: Click here to Know More

    Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

    1. 10% of Citizens’ Stolen Funds from Cyber Fraud Recovered’
    In Rajkot, only 10% of the Rs 70 crore lost to cyber frauds in the past 18 months has been recovered. The police, adopting a new approach to freeze only fraudulent funds, refunded Rs 7.23 crore. The cybercrime unit, handling numerous cases, expects more refunds as court orders are issued.

    2. India Proposes Cybersecurity and Other Cooperative Efforts to Vietnam
    At the 14th India-Vietnam Defense Policy Dialogue, India proposed cooperation in cyber security, military medicine, and submarine search and rescue. Both countries reviewed their defence ties, with Vietnam suggesting five key cooperation areas. They signed a Letter of Intent for training exchanges, and India announced a $300 million credit line for Vietnam’s maritime security.

    3. Hamirpur Police Recover Rs 5.34 Lakh from Cyber Fraud
    The Hamirpur Police swiftly solved an online fraud case, recovering Rs. 5.34 lakh for Bal Chand Rajput, who was scammed by fraudsters posing as Mumbai DCP. The police’s Cyber Unit froze the transferred funds and, within five days, returned the money to Rajput’s account following a court order.

    4. Police Revise Account Freezing Policy in Response to Cyberfraud Cases
    Gujarat Police will now freeze only amounts linked to criminal activity instead of entire bank accounts. This policy change, announced by Minister Harsh Sanghavi, aims to reduce the financial burden on individuals. Since implementing the new approach, 28,000 accounts have been unfrozen, improving the fraud recovery rate to 46.42% in 2024.

    ALSO READ: SEBI Flags 8,890 Misleading Posts, Mulls Action Against Social Media Influencers

    5. New eSIM Scam Defrauds Hyderabad Man of Over Rs 1 Lakh: What It Is and How to Stay Safe
    A Hyderabad man lost over Rs 1 lakh to a sophisticated online scam involving an APK file that granted scammers access to his personal information. They activated an eSIM using his phone number, intercepted OTPs, and drained his account. The incident underscores the need for vigilance against cybercrime and following safety measures.

    INTERNATIONAL

    6. New Partnership Aims to Protect Railways from Cyber Attacks
    Cylus and Digi International have partnered to enhance rail cybersecurity by integrating CylusOne with the Digi TX64 5G Rail cellular router. This collaboration aims to improve rail network security, connectivity, and operations globally. The unified solution offers advanced protection against cyber threats with 5G connectivity and comprehensive security features.

    7. APT41 Hackers Employ ShadowPad and Cobalt Strike in Taiwanese Institute Cyber Attack
    A Taiwanese research institute was breached by Chinese state-linked hackers, APT41, using ShadowPad and Cobalt Strike malware. Discovered by Cisco Talos, the attack involved exploiting outdated software and PowerShell commands for persistent access. The hackers exfiltrated documents and used sophisticated methods to avoid detection, including halting activity upon detection.

    ALSO READ: Ministry of Corporate Affairs (MCA) to Deregister 400 Chinese Companies

    8. NCSC Launches Advanced Cyber Defense 2.0 to Counter Evolving Threats
    The UK’s National Cyber Security Centre (NCSC) plans to launch ACD 2.0, enhancing its Active Cyber Defense initiative with new cybersecurity tools and services. Aiming to address evolving threats, the NCSC will divest successful services to the private sector within three years, partnering with industry and academia for improved cyber resilience.

    9. Hackers Directly Email Customers of an immigration firm following a cyberattack.
    Sable International, a UK-based immigration services company, suffered a sophisticated cyberattack, exposing some customer data. Hackers, identified as the BianLian ransomware gang, emailed customers, urging them not to interact. The breach forced the company to shut down its servers and website, and authorities have been notified.

    10. NWACC Hit by Cyberattack
    Northwest Arkansas Community College (NWACC) experienced a ransomware attack when the hacker’s demands printed from campus printers. While no ransom amount was specified, the college refuses to pay and has no evidence of student data being accessed. Systems are partially operational, with some services impacted and student accommodations in place.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Binance Faces Rs 700 Crore Penalty for Tax Evasion – What You Need to Know

    The Directorate General of GST Investigation (DGGI) has issued a show cause notice to Binance, one of the world’s leading cryptocurrency exchanges, demanding over Rs 700 crore.

    The notice concerns the fees collected from Indian customers dealing in virtual digital assets (VDAs) on the Binance platform, categorizing this service under the online information database access or retrieval (OIDAR) services. This action covers the fiscal period starting from 2017-18.

    Non-Compliance with Indian GST Framework

    Despite being a major player in the global cryptocurrency market, with operations spanning more than 150 countries, Binance had not registered under the Indian GST framework. This oversight has now brought the company under the scrutiny of Indian tax authorities. Binance’s official website describes the platform as “the world’s leading blockchain ecosystem, with a product suite that includes the largest digital asset exchange.”

    ALSO READ: Escape from Cyber Hell: How 14 Indians Were Rescued from Cambodian Scam Centers

    A Binance spokesperson clarified the company’s stance to media: “We are aware of certain media reports circulating regarding tax notices being issued by Indian GST authorities to global crypto platforms. We would like to clarify that Binance is, and has always been, committed to adhering to relevant domestic legislations applicable to us. We are fully cooperating with the Indian authorities to address any concerns. Binance remains dedicated to maintaining the highest standards of compliance and transparency in the industry.”

    Previous Regulatory Issues

    This recent GST notice is not Binance’s first encounter with Indian regulatory authorities. Earlier, in June, the Financial Intelligence Unit (FIU) issued a notice to Binance under the Prevention of Money Laundering Act (PMLA). The FIU identified Binance as a Reporting Entity (RE) due to its operations as a Virtual Digital Asset Service Provider, which involves designated business activities under the PMLA.

    The notice, dated December 28, 2023, cited Binance’s failure to comply with its statutory obligations under the PMLA, despite its status as a Reporting Entity. Following a review of Binance’s written and oral submissions, the Director of FIU-IND substantiated the charges against Binance. Consequently, the FIU imposed a penalty exceeding Rs 18.82 crore on June 19. Additionally, the FIU issued specific directives to Binance to ensure diligent compliance with the obligations outlined in the PMLA and the PMLA Maintenance of Record Rules (PMLA Rules) of 2005. These directives aim to prevent money laundering activities and combat the financing of terrorism (AML/CFT).

    India’s Crypto Market Landscape

    India continues to attract global players in the cryptocurrency market, despite its stringent tax regulations. A 2023 report by Chainalysis highlights India’s significant position in the global crypto landscape. Despite the imposition of a 30% tax on gains and a 1% Tax Deducted at Source (TDS) on VDAs, India remains one of the top crypto markets in the world.

    According to the report, India leads the world in grassroots crypto adoption as measured by the Global Crypto Adoption Index. More impressively, India has become the second-largest crypto market in the world by raw estimated transaction volume, surpassing several wealthier nations. The United States leads the table, but transactions in India are pegged at over $260 billion.

    ALSO READ: CBI Captures Fugitive Declared Dead by Court in SBI Fraud Case

    Regulatory Environment

    India does not officially use the term “cryptocurrency.” Instead, the Indian Tax Administration refers to cryptocurrencies and NFTs as Virtual Digital Assets (VDAs). Effective April 1, 2022, any income from the transfer of VDAs is taxable at the rate of 30%, plus surcharge and cess. Furthermore, the government introduced a 1% TDS on VDA transactions effective from July 1, 2022. This TDS is deducted by any individual or HUF while buying a VDA.

    The lack of a comprehensive regulatory framework for cryptocurrencies in India has not deterred global players from entering the market. However, the ongoing scrutiny of platforms like Binance underscores the importance of compliance with local laws to avoid significant penalties and legal challenges.

    As the Indian government continues to refine its regulatory approach to VDAs, the industry can expect more stringent oversight. This is crucial to ensuring compliance and transparency in the rapidly evolving digital asset landscape. The case of Binance serves as a stark reminder to global crypto platforms about the necessity of adhering to local regulations to maintain smooth operations and avoid legal entanglements in the burgeoning Indian market.

     

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Top 10 Daily Cybercrime Brief by FCRF [08.08.2024]: Click here to Know More

    Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

    1. Four Arrested for Impersonating Narcotics Officers; Cyber Cell of Pimpri-Chinchwad Takes Action
    The Pimpri-Chinchwad Cyber Cell arrested four individuals for defrauding a woman of Rs 24.99 lakh by impersonating Narcotics Department officials. The suspects accessed the victim’s mobile via Skype and conducted transactions exceeding two crore rupees. The police linked the suspects to 67 cases and arrested them from Jalgaon and Surat.

    2. YouTuber “Biryani Man” Arrested for Offending Religious Sentiments in Separate Case
    YouTuber “Biryani Man” was arrested by East Zone Cyber Crime police for making derogatory remarks about Christianity in a video. Previously, he was arrested for indecent comments about women visiting Semmozhi Poonga. He faces charges under the IT Act and the Indecent Representation of Women Act.

    3. Real-Life ‘Ladies vs Ricky Bahl’: Cyber Casanova Scams Over 50 Women in Gujarat
    Dhiren Kareliya, a 37-year-old man from Rajkot, conned over 50 women out of lakhs of rupees by posing as a successful professional online. Vadodara cybercrime police arrested him after a meticulous investigation initiated by a woman’s complaint. He used fake photos and sweet-talked victims into sending money.

    4. Meet ‘Broseph’: The Viral Social Worker Aiding Bengaluru in Combating Cyber Scams and Stalking
    Abraham Biggs, a 19-year-old from Florida, died by suicide on a live stream, prompting Dushyant Dubey in Ahmedabad to alert authorities. This incident inspired Dushyant, now known as “St Broseph” or “Batman of Bengaluru,” to dedicate his life to helping others, founding an NGO with over 8,000 volunteers.

    ALSO READ: CBI Captures Fugitive Declared Dead by Court in SBI Fraud Case

    5. Hyderabad Resident Scammed Out of Rs 11 Lakh by Phone Fraudsters
    A 31-year-old Hyderabad resident lost Rs 11.20 lakh to fraudsters posing as TRAI and Mumbai Police officials. They falsely linked him to a money laundering case and pressured him into transferring money. Suspecting further demands, he reported the scam to cybercrime police, who initiated an investigation and advised vigilance against suspicious calls.

    INTERNATIONAL

    6. Police Recover $40M Stolen in Business Email Scam in Just Two Days
    Interpol recovered over $40 million in just two days after a Singaporean company reported a $42.3 million business email compromise scam. The funds were intercepted in Timor-Leste, leading to seven arrests and the recovery of additional money. This case highlights the importance of swift, coordinated international efforts to combat cybercrime.

    7. Darktrace Reports Persistent Cybercrime-as-a-Service Threats Throughout 2024
    Darktrace’s “First 6: Half-Year Threat Report 2024” highlights persistent cyber threats and new attack methods, with Malware-as-a-Service and Ransomware-as-a-Service dominating. Key threats include information-stealing malware, trojans, and phishing. Notable trends include the rise of Qilin ransomware and exploitation of vulnerabilities in edge infrastructure devices

    ALSO READ: Escape from Cyber Hell: How 14 Indians Were Rescued from Cambodian Scam Centers

    8. UK Health Services Call-Handling Vendor Fined $7.7M Over 2022 Ransomware Attack
    The UK’s ICO plans to fine Advanced Computer Software Group £6.09 million for security failures leading to a 2022 ransomware attack by LockBit. The breach exposed data of 82,946 people, including sensitive information and home access details. The ICO’s provisional findings cite inadequate security measures and lack of multi-factor authentication.

    9. McLaren Health Care Confirms Criminal Cyber Attack Disrupted IT and Phone Systems
    McLaren Health Care confirmed a criminal cyber attack disrupted its IT and phone systems. While it’s unclear if patient or employee data was compromised, operations remain mostly functional. Non-emergency appointments and procedures are being rescheduled. This attack follows a previous ransomware incident reported in 2023.

    10. A New UN Cyber Crime Treaty Could Promote “Sexual Rights” for Children
    Western countries are pushing for exceptions in a new cybercrime treaty to decriminalize certain forms of child pornography, including sexting and AI-generated content. They argue for reduced penalties in consensual situations. However, many countries oppose these exceptions, citing concerns about protecting children and maintaining current legal standards. The treaty is expected to be adopted soon.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

     

     

  • Top 10 Daily Cybercrime Brief by FCRF [04.08.2024]: Click here to Know More

    Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

    1. Woman Recovers Rs 10 Lakh Lost to Online Scam with Police Help
    A Noida woman duped of ₹10 lakh in an online trading scam reported the fraud on June 28. The cybercrime police tracked and froze the money across 10 bank accounts, returning it to her account after court orders. police are still pursuing the scammers.

    2. Mumbai Cyber Helpline ‘1930’ Recoups Rs 100 Crore for Victims Over 7 Months
    Mumbai’s ‘1930’ cyber helpline has recovered Rs 100 crore from online frauds in seven months by quickly alerting banks in 35,918 cases. A dedicated team of officers and constables freezes fraudulent accounts. The public is urged to follow police guidelines and contact the helpline immediately if they are scammed.

    ALSO READ: Shyambir Singh IAS Officer Faces Criminal Contempt Case For Allegedly Threatening Judge

    3. Himachal Man Defrauded of Rs 5.34 Lakh by Cyber Criminals in Hamirpur
    A Hamirpur resident, Bal Chand Rajput, was scammed into transferring Rs 5.34 lakh after fraudsters posed as police officials and threatened arrest. He filed a complaint, and within five days, the cybercrime cell froze the fraudulent accounts and secured a court order to refund his money. Investigations continue.

    4. Noida Woman Loses Rs 6 Lakh in FedEx Scam, Reflecting 30% Rise in Cybercrime
    Mansi Madheshia, a 32-year-old from Noida’s Sector-49, was scammed out of Rs 6 lakh on July 31, 2024, by fraudsters posing as FedEx employees. They coerced her into multiple bank transfers and a loan by threatening legal action over a fictitious parcel. A case is registered at Sector-49 police station.

    5. Four Individuals Arrested in Bengaluru for Nationwide Job Scam
    The Puducherry cybercrime police arrested four individuals in Bengaluru for a nationwide job scam defrauding over 3,400 people of Rs 200 crores. The accused, part of a network led by Azam Khan, deceived victims with false overseas job offers. Seized items included 21 cell phones, 42 SIM cards, and Rs 41 lakh in cash.

    INTERNATIONAL

    6. China Faces Online Backlash Over Proposal for Cyber IDs
    China’s proposed virtual ID system, aimed at protecting personal information, is causing concern among internet users who fear increased government surveillance and control. Critics argue it could lead to stricter monitoring of online behavior. The government is soliciting public opinion on the plan until August 25.

    7. Cybercriminals Leverage Misconfigured Jupyter Notebooks Using Adapted Minecraft DDoS Too
    Cybersecurity researchers revealed a DDoS attack campaign, named Panamorfi by Aqua, targeting misconfigured Jupyter Notebooks using a Minecraft DDoS tool called mineping. The attack exploits exposed Jupyter instances to fetch a ZIP file, executing Java files to flood TCP connections and consume server resources, with results posted to Discord.

    ALSO READ: Disability Certificates of a Few More IAS IPS IFS Officers Under DoPT Scanner

    8. CrowdStrike Outage to Cost Fortune 500 Companies $5.4 Billion in Losses
    The CrowdStrike IT outage caused about $5.4 billion in damages, but insured losses are expected to be much lower, between $300 million and $1.5 billion. The outage, due to a software update rather than a cyberattack, resulted in minimal insurance coverage, with fewer than 1% of insured companies impacted.

    9. Israeli Hackers Take Credit for Internet Disruption in Iran
    The Israeli hacker group WeRedEvils has claimed responsibility for recent internet outages in Iran. The attack follows previous operations against Iranian infrastructure and Yemen. The group warned of the strike on Telegram and reported accessing sensitive Iranian software. The outages are significant amid ongoing Israel-Iran tensions.

    10. Telegram-Controlled TgRat Targets Linux Servers for Data Theft
    The TgRat trojan, initially designed for Windows, now targets Linux servers using Telegram for control. Discovered in 2022, it can download files, capture screenshots, and execute commands remotely. The trojan’s communication via Telegram makes it harder to detect. Regular antivirus updates are advised to prevent infections.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Here’s How Mumbai Police Recovered Rs 100 Crore from Cyber Fraudsters, Addressed 35,918 Complaints

    Mumbai: In a significant achievement, the Mumbai Police announced on Sunday that they have recovered Rs 100 crore from cyber fraudsters from January to July of this year. This recovery is the result of extensive efforts over the past seven months. The money belonged to numerous victims who had fallen prey to various cyber scams. It is worth noting that in same time period, over Rs 650 crore was lost by the victims.

    Deputy Commissioner of Police (Crime Branch) Dutta Nalawade stated that the police acted on 35,918 complaints of cyber fraud. These complaints included cases related to share trading, courier calls, investment schemes, threats of digital arrest, and online transactions. Victims had reported these incidents to the Mumbai cyber police through the helpline number 1930.

    Digital Diagnosis: Guwahati Doctor’s Rs 2 Crore Cyber Fever Treated by CID

    DCP Nalawade highlighted the importance of the helpline number 1930, urging people to use it to report any financial cyber fraud-related complaints. He emphasized that the helpline has become a lifeline for many victims. The police response involves three officers and 50 constables working in shifts to contact banks and their nodal personnel to halt fraudulent transactions promptly.

    Sources indicate that the FIR conversion rate for complaints on the 1930 helpline in Maharashtra is less than 1 percent. In 2021, Maharashtra reported 1,26,811 online complaints, with only 950 FIRs registered (a conversion rate of 0.75 percent). In Rajasthan, 91,033 complaints were reported, and the FIR conversion percentage was a mere 0.26 percent. Additionally, it is not clear whether the recovered Rs 100 crore has been repatriated to the source accounts of the victims or is currently on hold in banks.

    The Mumbai Police have also frozen the accounts of the accused to prevent further transfers. Despite these efforts, DCP Nalawade warned that cyber fraudsters are continually adopting new methods to trap and extort money from unsuspecting individuals.

    The DCP urged the public to remain vigilant and report any suspicious activities immediately. This proactive approach by the Mumbai Police is a critical step towards curbing cybercrime and protecting citizens from financial losses.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Top 10 Daily Cybercrime Brief by FCRF [05.08.2024]: Click here to Know More

    Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

    1. Mumbai Police Recovers Rs 100 Crore in Cyber Fraud Cases, Resolves 35,918 Complaints
    Mumbai Police recovered Rs 100 crore from cyber fraudsters, resolving 35,918 complaints in seven months. Victims reported frauds involving share trading, investment schemes, and online transactions via the cyber helpline 1930. DCP Dutta Nalawade emphasized the helpline’s effectiveness and warned about evolving fraud methods, urging immediate reporting of financial cyber crimes.

    2. Individual Arrested for Defrauding Man of Rs 38 Lakh
    Vadodara cybercrime police arrested Amit Pithadiya from Ahmedabad for defrauding Rajiv Chauhan of Rs 38 lakh. Pithadiya, part of a cyber fraud gang, sold his bank account for fraudulent transactions worth over ₹1.5 crore. Chauhan was duped through fake stock market investment ads on Facebook and WhatsApp. Investigations are ongoing.

    3. 13,000 Victims in Vizag Fall Victim to Cybercrime, Losses Total Rs 100 Crore
    In Visakhapatnam, over 13,000 people have lost around Rs 100 crore to cybercrime, with Rs 18 crore frozen in bank accounts. The police have released Rs 4.6 crore to 150 victims. Cybercrimes include phishing, investment fraud, and cryptocurrency scams. Prompt reporting can help freeze funds and recover losses, according to authorities.

    4. RailTel Partners with Cylus to Enhance Cybersecurity for Indian Railways
    RailTel has partnered with cybersecurity firm Cylus to enhance Indian Railways’ cybersecurity. This collaboration will integrate Cylus’ advanced technology, CylusOne, to protect critical railway systems like signaling and control. The partnership also includes specialized cybersecurity training to bolster defenses, marking a significant upgrade in Indian Railways’ cybersecurity framework.

    ALSO READ: Meet Daljit Singh Chawdhary, IPS: The ‘Encounter Specialist’ Now Securing India’s Borders

    5. Fraudsters Hold Victims on Camera for Hours, Pretending to Arrest Them
    Pune cyber police reported four recent incidents where fraudsters, posing as senior officers from state or central agencies, conducted ‘digital arrests’ of victims, keeping them on camera for 12 hours to three days. Victims were tricked into compliance, often for fake parcel fraud and money laundering cases.

    INTERNATIONAL

    6. Major Internet Disruption Hits Israel Before Alleged Iranian Strike, Tech Glitch Suspected
    Ahead of Iran’s retaliatory attack for Haniyeh’s assassination, Israeli residents in central Israel experienced GPS disruptions affecting navigation apps like Google Maps and Waze. Some Tel Aviv motorists were misled to believe they were in Beirut, according to the Times of Israel.

    7. CrowdStrike Denies Responsibility for Delta Airlines Cyber Outage
    CrowdStrike denied responsibility for Delta Airlines’ flight disruptions caused by the July 19 global outage affecting over 8 million computers. In a letter, CrowdStrike expressed disappointment with Delta’s allegations, strongly rejecting claims of gross negligence or misconduct while reiterating its apology to the airline.

    ALSO READ: Zerodha Co-Founder Nithin Kamath in Legal Trouble with MCA for THIS Reason

    8. Surge in Ransomware Attributed to Use of Off-The-Shelf Code
    Kaspersky’s report attributes the rise in ransomware attacks to ‘off-the-shelf’ ransomware, with a 30% increase in targeted groups and a 71% rise in known victims. Leaked code, like LockBit 3.0, enables easy creation of custom ransomware. Kaspersky advises robust security measures and continuous education to counter evolving threats.

    9. Viettel Cyber Security Exposes Philippine Cyber Vulnerabilities: Over 315,000 Compromised Accounts in First Half of 2024
    In the first half of 2024, Viettel Cyber Security reported 315,000 compromised credentials, 17,456 phishing attacks, and numerous data breaches in the Philippines, affecting mainly government and education sectors. Despite the threats, many organizations remain overly confident. Viettel urges robust cybersecurity measures and awareness to combat escalating cyber risks.

    10. Department of Justice and FTC Sue TikTok Over Violations of Children’s Privacy Regulations
    The U.S. Department of Justice and FTC sued TikTok for violating children’s privacy laws by allowing minors to create accounts and collect their data without parental consent, breaching COPPA and a 2019 consent order. TikTok disputes the claims, citing improved safeguards and features for protecting minors.

     

     

  • Singapore’s Biggest Scam Busted: How INTERPOL Helped Recover $42 Million in Email Scam

    In a landmark case demonstrating the power of international cooperation, Singapore authorities have made their largest-ever recovery of funds from a business email compromise (BEC) scam. The successful operation, which unfolded in July 2024, led to the recovery of over $41 million and the arrest of seven suspects in Timor Leste, thanks to INTERPOL’s innovative global stop-payment mechanism.

    The Scam Unfolds

    On July 15, 2024, a Singapore-based commodity firm received what appeared to be a routine email from a supplier. The message requested that a pending payment be sent to a new bank account in Timor Leste. Unbeknownst to the firm, the email came from a fraudulent account with a slight misspelling of the supplier’s official email address – a classic tactic in BEC scams.

    Falling for the ruse, the firm transferred a staggering $42.3 million to the fake supplier on July 19. The deception only came to light four days later when the genuine supplier inquired about the unpaid invoice. Realizing they had been scammed, the firm promptly filed a police report on July 23.

    ALSO READ: Here’s How Mumbai Police Recovered Rs 100 Crore from Cyber Fraudsters, Addressed 35,918 Complaints

    Swift Action and International Cooperation

    Upon receiving the report, the Singapore Police Force (SPF) sprang into action. They immediately reached out to INTERPOL, activating its Global Rapid Intervention of Payments (I-GRIP) mechanism. This system, which taps into INTERPOL’s vast network spanning 196 countries, is designed to accelerate assistance requests in financial crime cases where time is of the essence.

    The rapid response paid off handsomely. By July 25, just two days after the initial report, the SPF’s Anti-Scam Centre received confirmation that $39 million had been detected and frozen in the fraudulent bank account in Timor Leste. But the operation didn’t stop there.

    Arrests and Additional Recoveries

    Timor Leste authorities, working in close cooperation with their Singaporean counterparts, launched follow-up investigations that yielded even more impressive results. Their efforts led to the arrest of seven suspects connected to the scam and the recovery of an additional $2 million.

    Steps are now being taken to return the recovered funds – totaling over $41 million – to the victim in Singapore, marking a remarkable success rate in what is often a challenging process of fund recovery in international financial crimes.

    INTERPOL’s Crucial Role

    Isaac Oginni, Director of INTERPOL’s Financial Crime and Anti-Corruption Centre (IFCACC), highlighted the critical importance of speed in intercepting the proceeds of online scams. “The cooperation between authorities in Singapore and Timor Leste in this case was exemplary,” Oginni stated, “and demonstrates how quick action through INTERPOL can help recover funds taken from fraud victims and identify the perpetrators.”

    David Chew, Director of the SPF’s Commercial Affairs Department, echoed these sentiments, emphasizing the global nature of scams and the necessity for swift, coordinated international responses. “Today, money moves at the click of a button, and law enforcement must be able to move as fast to protect our citizens,” Chew remarked. He praised INTERPOL’s IFCACC for its pivotal role in the prompt interception of more than $40 million in this case.

    ALSO READ: Meet Daljit Singh Chawdhary, IPS: The ‘Encounter Specialist’ Now Securing India’s Borders

    I-GRIP: A Proven Success Story

    The I-GRIP mechanism, launched by INTERPOL in 2022, has already proven its worth many times over. Since its inception, it has aided law enforcement agencies worldwide in intercepting hundreds of millions of dollars in illicit funds.

    During its pilot phase, I-GRIP played a crucial role in helping several countries recover funds transferred to fraudsters in the early years of the COVID-19 pandemic. A notable success came in September 2020, when the mechanism facilitated the interception of $3.4 million transferred from an Italian company for non-existent medical equipment supposedly in Indonesia.

    More recently, in a 2024 INTERPOL operation, police utilized I-GRIP to intercept $331,000 in a BEC fraud involving a Spanish victim who had transferred money to Hong Kong, China.

    Timeline of the Scam

    • 15 July: Singapore firm receives scam email from a fake supplier.
    • 19 July: Firm transfers USD 42.3 million to the fake supplier’s bank account in Timor Leste.
    • 23 July: Firm discovers the fraud after the genuine supplier reports not being paid and files a police report in Singapore; SPF reaches out to INTERPOL.
    • 24 July: Singapore receives confirmation via INTERPOL that over USD 39 million was intercepted thanks to cooperation with Timor Leste authorities.
    • 24-26 July: Timor Leste authorities arrest several suspects and recover an additional USD 2 million.

    ALSO READ: Zerodha Co-Founder Nithin Kamath in Legal Trouble with MCA for THIS Reason

    Preventive Measures and Future Outlook

    In light of the increasing sophistication of BEC and other social engineering scams, INTERPOL is urging businesses and individuals to take proactive preventive measures. The organization provides valuable information and resources on its website to help potential victims safeguard themselves against such frauds.

    This case serves as a powerful example of the effectiveness of international cooperation in combating complex financial crimes. It underscores the critical importance of rapid response mechanisms like I-GRIP in today’s fast-paced digital financial landscape, where criminals can move large sums of money across borders in seconds.

    As cybercriminals continue to evolve their tactics, the success of operations like this one in Singapore offers hope and a blueprint for future efforts to protect individuals and businesses from financial fraud on a global scale.

     

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Top 10 Daily Cybercrime Brief by FCRF [07.08.2024]: Click here to Know More

    Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

    1. Pune Resident Loses Rs 49 Lakh to Online Fraud
    The Sinhgad Police registered a case against a fraudster for impersonating a policeman and stealing Rs 49.20 lakh from a 74-year-old man on August 5. The criminal intimidated the victim over the phone, convincing him to transfer the money. A probe and forensic investigation are underway to track the accused.

    2. Cybercriminals Target Retired Bank Workers
    A retired Punjab National Bank manager from Khanna was defrauded of Rs 10 lakh by cyber criminals. On August 3, he clicked on a credit card application link while on Facebook and received a WhatsApp call prompting him to click further, resulting in the unauthorized withdrawal. He filed a complaint with the cyber cell.

    3. Delhi Police’s Cyber Cell Registers FIR in $230 Million WazirX Crypto Heist
    WazirX filed an FIR on August 6 in response to a $230 million cyberattack on its crypto exchange last month. The FIR, lodged with Delhi Police, follows a complaint filed by WazirX. The company is cooperating with authorities to recover the stolen funds and prosecute the culprits.

    4. Police Receive Training from Social Media Giants to Expedite Case Resolution
    Kolkata Police met with WhatsApp and Facebook officials to learn technical skills for solving cybercrimes and preventing suicides. A training session focused on new technology and cryptocurrency-related crimes. The home ministry’s initiatives, including the Sanchar Saarthi portal, have disconnected 73 lakh mobile connections and blocked 2.3 lakh handsets to prevent fraud.

    ALSO READ: Jamtara Cyber Crime Kingpins: 4 Arrested for Widespread Online Fraud Across India

    5. Indian Cyber Crime Coordination Centre Prevents Rs 2400 Crore Loss from Cyber Frauds
    The Indian Cyber Crime Coordination Centre’s system, set up in 2021, saved over Rs 2400 crore from cyber fraud across 7.6 lakh complaints. The Sanchar Saarthi portal disconnected 73 lakh forged mobile connections and blocked 2.3 lakh handsets. Additionally, 7 lakh fraudulent WhatsApp accounts were disengaged, and 11 lakh lost mobile sets were traced.

    INTERNATIONAL

    6. Hackers Attack Grand Palais Olympics Venue and Paris Museums
    Hackers targeted 40 French museums, including the Grand Palais, with ransomware, blocking financial data systems and demanding cryptocurrency ransom. The French National Agency for Information Systems Security confirmed Olympic systems were unaffected. The Paris cyber cybercrime police are investigating. Nearly 70 cyberattacks linked to the Olympics were foiled recently.

    7. Hackers Erase Data on 13,000 Students’ iPads and Chromebooks After Compromising Safety Software
    Mobile Guardian experienced a security breach, leading to unauthorized access and remote wiping of devices. Around 13,000 students in Singapore had their iPads and Chromebooks wiped. The Ministry of Education is supporting affected students and removing Mobile Guardian’s software. The company has apologized and taken down its platform to prevent further issues.

    ALSO READ: How Padma Shri Recipient’s Arrest in Multiple Scams Raises Questions About Awarding Process

    8. North Korean Hackers ‘Moonstone Sleet’ Deploy Malicious JS Packages on npm Registry
    The North Korea-linked group Moonstone Sleet has been pushing malicious npm packages to infect Windows systems. The packages harthat-api and harthat-hash were quickly removed after being published. The group uses these packages to deploy additional malware, often via LinkedIn or freelancing sites, targeting technical skills assessments.

    9. Google Fixes Zero-Day Vulnerability in Android Already Exploited by Hackers
    Google has patched a critical zero-day flaw in Android (CVE-2024-36971) affecting the operating system’s kernel. This vulnerability allows hackers to remotely execute code with system privileges, potentially leading to malware installation. The flaw, due to improper memory synchronization, can cause system crashes and unauthorized code execution.

    10. Windows Smart App Control Security Flaw Exploited by Hackers for Years
    A serious flaw in Windows Smart App Control and SmartScreen, discovered by Elastic Security Labs, allows attackers to bypass security alerts by manipulating LNK files. This flaw, exploited since at least 2018, removes the Mark of the Web (MotW) tag, preventing security warnings. Additional bypass methods include using code-signing certificates and repurposing trusted apps.

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube

  • Jamtara Cyber Crime Kingpins: 4 Arrested for Widespread Online Fraud Across India

    In recent times, several incidents of cyber fraud have been reported in various districts of Uttar Pradesh, specifically targeting Indraprastha Gas and Green Gas connection holders as well as electricity connection holders. These cyber fraudsters have been deceiving people and siphoning off lakhs of rupees from their accounts. On July 30, 2024, a case was registered at the Cyber Crime Police Station, Kanpur Nagar, under FIR number 63/2024, sections 318(4), 338 BNS and 66D of the IT Act, based on a complaint by Ravindra Singh Negi, son of Tejpal Singh Negi, resident of Neer Nagar, Kakadeo, Kanpur Nagar. The complainant mentioned that on July 17, 2024, a substantial amount of money was fraudulently withdrawn from his account by the cyber criminals.

    Following this complaint, the Police Commissioner of Kanpur Nagar instructed the Deputy Commissioner of Police, Kanpur Nagar, to devise a comprehensive plan to apprehend the accused and take effective action against such cyber crimes. Subsequently, under the supervision of the Additional Deputy Commissioner of Police, Crime, and the Assistant Commissioner of Police, Cyber Crime, a dedicated team from the Cyber Crime Branch, Kanpur Nagar, was deployed to take effective action and arrest the cyber criminals.

    ALSO READ: How Padma Shri Recipient’s Arrest in Multiple Scams Raises Questions About Awarding Process 

    On August 5, 2024, the Cyber Crime Police team achieved significant success by arresting four inter-seasoned cyber criminals near Jajmau Bridge, Kanpur. During the arrest, 12 mobile phones and pre-activated SIM cards with fake IDs, used in the frauds, were recovered. The four cybercriminals arrested are residents of Jamtara, Jharkhand. They used to send specially designed APK files via WhatsApp messages to the mobile numbers of individuals who had Green Gas, Indraprastha Gas, and electricity connections. By obtaining crucial data through these APK files, they would fraudulently withdraw money from their victims’ bank accounts using online banking and payment wallets/apps. The money obtained through cyber fraud was then withdrawn from various ATMs located in Bihar, Jharkhand, West Bengal, and Sikkim. They would also use these fraudulently obtained funds to pay electricity bills, recharge mobile phones, and at petrol pumps, and subsequently divide the cash among themselves.

    The four arrested cyber criminals are originally from Deoghar and Jamtara, Jharkhand, but they were living in rented rooms in Madhubani, Bihar, to avoid being traced. They frequently changed locations, staying in hotels in places like Darbhanga, Siliguri, Darjeeling, and Gangtok, and used various mobile devices and fake ID SIM cards to carry out their cyber fraud activities. Based on the mobile numbers used by these cyber criminals, information was obtained from the Cyber Crime Reporting Portal NCRP (1930) indicating that they had conducted several cyber frauds in Uttar Pradesh, specifically in Lucknow, Agra, and Kanpur. Coordination was established with the cyber crime police of the relevant districts, and police teams have been dispatched to Bihar, Jharkhand, West Bengal, and Sikkim to arrest other members of the gang.

    The arrested individuals and recovered items are as follows:

    • Bharat Kumar Mandal, son of Khublal Mandal, resident of Darve, Post Jagdishpur, Police Station Budai, District Deoghar, Jharkhand, is 31 years old. (Previously jailed for cyber crimes in Haryana in 2020 and Deoghar, Jharkhand in 2022).

    Recovered items:

    • REDMI 9A, blue color
      IMEI NO. 867796052096281 / 867796052096299
      SIM/MOBILE NO.-1. 1: 9209389556 (JIO), 2. 9699305529 (JIO)
    • REDMI 9A, dark blue color
      IMEI NO. 863537059878451 / 863537059878469
      SIM/MOBILE NO. 8360500742 (JIO)
    • OPPO RENO 6 PRO 5G, light sky color
      IMEI NO. 868066052621218 / 868066052621200
    • APPLE 15, white color
      IMEI: 357497541309008, 357497541276579
      NO SIM

    Another arrested person is:

    • Sanoj Mandal, son of Mohan Mandal, resident of Murlidi, Police Station Karmatand, District Jamtara, Jharkhand, is 29 years old.

    Recovered items:

    • REDMI 9i, blue color
      IMEI NO. 867617050679888 / 867617050679896
      SIM/NO: 8661569430 (JIO)
    • OPPO A58, sea green color
      IMEI NO. 862892067264132 / 862892067264124
      MOBILE NO. 7004476109 (JIO)
    • REDMI 9A, blue-green color
      IMEI NO. 861378060919048 / 861378060919055
      MOBILE No. 1: 8861578560 (JIO), 2. 6307752515 (JIO)

    The third arrested person is:

    Deepak Mandal, son of Jaynarayan Mandal, resident of Murlidi, Police Station Karmatand, District Jamtara, Jharkhand, is 29 years old.

     

    Recovered items:

    • INFINIX-X-6832, sky blue color
      IMEI NO. 350360931255727 / 350360931255735
      MOBILE No. 1: 7695898298 (JIO), 2. 7498384260 (JIO)
    • REDMI 13C, light green color
      IMEI NO. 860799060199870 / 860799060199888
      MOBILE NO. 87668868890 (JIO)
    • APPLE IPHONE 14, light blue color
      IMEI NO. 355546530704678 / 355546530059248
      MOBILE NO. 9798833254 (JIO)
      1 Aadhaar Card No. 812671627602

    The fourth arrested person is:

    Krishna Kumar Mandal, son of Vasudev Mandal, resident of Devalwadi, Police Station Karmatand, District Jamtara, Jharkhand, is 23 years old.

    Recovered items:

    • OPPO RENO-115G, sky blue color
      IMEI NO. 861519061703333 / 861519061703325
      MOBILE NO. 6207848591 (JIO)
    • REDMI NOTE-10T-5G, silver color
      IMEI NO. 86458105040903078 / 86458105040904878
      MOBILE No. 1: 7620671717 (JIO), 2. 9343968810 (JIO)

    Follow The420.in on

     TelegramFacebookTwitterLinkedInInstagram and YouTube