GURUGRAM: In a thought-provoking speech delivered at the G20 Conference on “Crime and Security in the age of NFTs, AI and Metaverse” on Friday, CloudSEK CEO Rahul Sasi shed light on the growing risks posed by the dark web and shared valuable insights obtained from data collected by his company.
The event, attended by industry experts and cybersecurity enthusiasts, delved into the depths of cybercrime and explored the ways in which criminals exploit unsuspecting individuals.
Predicting Rain: An Analogy for Cybersecurity
CEO & Co-Founder of Bangalore-based cyber security company – CloudSEK, Rahul Sasi opened his speech on Connecting the Dots on Dark Net: Challenges of Crypto Currency & Dark Net by drawing an intriguing analogy between predicting rain and the science of cybersecurity. He emphasized that prediction is not a mere concept of science fiction but rather a practice rooted in data analysis.
Drawing parallels with weather forecasting, he explained that rain can be predicted by collecting past rainfall data and applying mathematical models. Similarly, cybersecurity relies on collecting and analyzing vast amounts of data to identify potential threats and protect against them.
The WhatsApp Hack: A Startling Revelation
Engaging the audience with a question, Sasi asked if they believed dialing a specific number – **67*<10 digit number> could lead to adverse consequences for them or their phones.
The room fell silent as he revealed the shocking truth – dialing that number could result in a WhatsApp hack. He proceeded to explain the mechanism behind this sophisticated cyber attack.
The number in question is a service code used by various service providers to redirect calls when a phone is busy. Cybercriminals exploit this by socially engineering individuals to dial the number. Once engaged in a conversation, the criminals proceed to initiate a registration process on the victim’s number, requesting the One-Time Password (OTP) to be sent via a call.
However, unbeknownst to the victim, the criminals are on the line and promptly intercept the OTP. Armed with the OTP, they gain access to the victim’s WhatsApp account, enabling them to launch various malicious activities such as spreading malware and sending harmful links.
Dark Web Insights: Exposing the Underbelly of Cybercrime
Sasi continued his presentation by shedding light on the dark web and the valuable information his company has obtained from it.
He introduced a free service provided by CloudSEK – https://exposure.cloudsek.com/, where individuals can check if their organization’s compromised computers are up for sale on the dark web. This service aims to raise awareness and empower organizations to take proactive measures against cyber threats.
Case Studies: The ID Printing Scam and Crypto Fraud
The CEO of CloudSEK delved into two compelling case studies, illustrating the methods employed by hackers to collect data and orchestrate cryptocurrency fraud.
The first case, known as the “ID Card Printing Scam,” gained popularity between 2019 and 2021. Cybercriminals created multiple websites, appearing legitimate, offering to modify personal data such as social security numbers.
Victims were enticed to enter their eKYC portal’s OTP, allowing the criminals to collect crucial information for their nefarious activities.
To track down these attackers, Sasi explained how CloudSEK utilized customer care numbers posted on fake websites to identify associated phone numbers. By leveraging publicly available services like Truecaller API, the team was able to link these phone numbers to email addresses and subsequently obtain an extensive dataset.
This data enabled further investigations, including cross-referencing email addresses with social media platforms, ultimately leading to the identification of criminals involved in both legitimate and illicit operations.
Read The Full Report: ID Card Printing Scams Orchestrated by UP-Based Group Defrauds the Indian Public
The second case study revolved around a fake cryptocurrency scam, estimated to have caused losses totaling approximately Rs 10,000 crore.
Cybercriminals established fake social media profiles and WhatsApp numbers to establish trust with victims. They then enticed victims to invest in a fraudulent crypto platform, promising lucrative returns.
Read Full Report: CoinEgg Scam Campaign Steals Victims’ Cryptocurrency and Data
The Need for Enhanced Cybersecurity Measures
As Sasi concluded his speech, he stressed the urgent need for heightened cybersecurity measures to combat the ever-evolving landscape of cyber threats.
The insights shared during his presentation shed light on the magnitude of risks individuals and organizations face in an increasingly interconnected world. He emphasized the importance of vigilance, awareness, and continuous adaptation to protect against cybercriminals’ malicious intentions.
CloudSEK’s dedication to uncovering dark web activities and sharing valuable insights serves as a reminder that cybersecurity is a collective responsibility. With concerted efforts and cutting-edge technologies, it is possible to stay one step ahead of cybercriminals and safeguard the digital realm.
Follow The420.in on