Cyber Crime
Top 10 Daily Cybercrime Brief by FCRF [27.05.2024]: Click here to Know More
Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Dark Web Deceit: Cyber Crooks Exploit Third-Party Apps
Cyber scammers in Bengaluru are tricking citizens into downloading malicious third-party APKs, leading to significant financial losses. Victims received deceptive messages to update their PAN cards, unknowingly granting access to their banking details. To stay safe, avoid installing apps from unknown sources and report incidents to cybercrime authorities.
2. Indians Lost Over Rs 1,750 Crore to Cyber Fraud in First Four Months of 2024
In the first four months of 2024, Indians lost over Rs 1,750 crore to cyber criminals, with more than 7.4 lakh complaints filed. The Indian Cyber Crime Coordination Centre (I4C) reported an average of 7,000 daily complaints in May, primarily financial fraud, marking a significant rise from previous years.
3. Cyber Fraud: Rs 4.88 Lakhs Siphoned from Powai Resident’s Account
A Powai resident lost Rs 4.88 lakhs through ten fraudulent transactions after installing a remote access app while seeking Cooper Hospital’s contact information. The scam was discovered when a cheque bounced. The victim reported the incident to the police and cybercrime helpline, and a case was registered.
4. Forced into Cyber Crimes: Cambodia Victims Speak Out
Thousands of Indians, lured by fake data entry job offers, are trapped in Cambodia and forced into cybercrime under deplorable conditions. Recent rescues highlight the issue, with ongoing efforts to free more victims. Agents in India, including those in Visakhapatnam, are being arrested. Over Rs 120 crore has been scammed in two years.
ALSO READ : Top Ten Corporate Frauds in India That Cost Banks, Public and Investors Billions
5. Tirupati Police Refund Rs 1.42 Lakh to Cyber Crime Victim in 20 Minutes
Tirupati Cyber Crime Police swiftly resolved a cyber fraud case, refunding Rs 1,42,545 to the victim within 20 minutes. Raju, scammed by someone posing as IndusInd Bank’s customer care, shared an OTP leading to the theft. Prompt police action canceled the fraudulent transaction, securing the refund.
INTERNATIONAL
6.Hackers Exploiting Microsoft Access Documents
Hackers are exploiting Microsoft Access documents to deploy malware, leading to data theft and file loss. Recent attacks involve ZIP archives containing malicious EXE and ACCDB files with macros that execute PowerShell commands. The UAC-0006 group targets Ukraine with SMOKELOADER malware, prompting urgent security measures from CERT-UA.
7. Malicious PyPI and NPM Packages Uncovered
Cybersecurity researchers are addressing MacOS malware in Python Package Index (PyPI) and NPM, including packages like “reallydonothing” and “jupyter-calendar-extension.” These malicious packages target standard directories and execute OS commands. The GuardDog tool scans for such malware, enhancing security for developers using open-source programs and aiding researchers.
8.HTML Impersonating PDF Viewer Login Pages
A report warns of a sophisticated phishing method using HTML pages designed to look like PDF viewer login pages, tricking users into disclosing personal details. These deceptive emails pose a significant risk to online security by misleading victims into entering their credentials.
9.Hackers Backdoor Courtroom Video Recording Software
Hackers inserted malware into the official JAVS Viewer software installer used in courtrooms worldwide. The compromised installer, version 8.3.7, operated from February to May 2024 before removal. It stole sensitive data and potentially established network persistence. Mitigation involves re-imaging affected devices, resetting credentials, and upgrading to a clean JVAS Viewer version.
10. Ransomhub Attacks Industrial Control Systems
RansomHub, a new ransomware group, poses critical threats to industrial control systems (ICS). They targeted a Spanish bioenergy plant’s SCADA system, indicating their ability to encrypt and steal ICS data. Hiring former ALPHV members, RansomHub admitted responsibility for the attack on Matadero de Gijon, following their previous cyber attack on Change Healthcare.