Top 10 Daily Cybercrime Brief by FCRF [29.05.2024]: Click here to Know More

Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.

1. Cyber fraudsters swindle Rs 2 lakh from man by threatening him with claims of money being transferred to terrorists
In Hyderabad, cyber criminals posing as Crime Branch officers extorted Rs 2 lakh from an elderly man via a late-night WhatsApp video call, claiming his bank account was linked to terrorists. They threatened arrest and account freezing, prompting the man to transfer the money. He later realized the scam and reported it.

2. TN Police Cyber Wing issues warning against online scammers
The Tamil Nadu Police’s Cyber Crime Wing warned against online scams, urging people not to share bank details. Recently, a school teacher and a software engineer from Chennai lost Rs 20 lakh and Rs 65 lakh, respectively, in stock market scams. Authorities advise trading only with registered, credible firms to ensure safety.

3. Cybersecurity Alert: FedEx Courier Fraud Increasing; Millions at Risk
A massive data breach at an online retailer exposed millions of customers’ sensitive information. Amidst this, a new FedEx Courier Fraud scam has emerged, exploiting victims’ fears with fake legal threats. Hyderabad saw numerous victims, including a professor and businessman, lose significant amounts. Authorities urge immediate reporting to mitigate losses.

4. Indian citizen admits guilt in $37 million cryptocurrency theft plot
An Indian national pleads guilty in the U.S. for orchestrating a $37 million cryptocurrency theft through a spoofed Coinbase website. Victims were tricked into divulging login details and two-factor authentication codes. Meanwhile, arrests in the U.S. uncover a scheme aiding North Korean IT freelancers to obtain jobs at U.S. companies.

5. NIA conducts nationwide raids; 5 people are arrested for human trafficking and cyber fraud
The National Investigation Agency (NIA) arrested five individuals involved in a human trafficking and cyber fraud syndicate after extensive raids across multiple states. The gang trafficked youths to foreign countries, forcing them into illegal activities like credit card fraud and cryptocurrency schemes. Incriminating evidence, including documents and digital devices, was seized.

INTERNATIONAL

6. WPA executive member arrested for alleged cybercrime
WPA executive member Kidackie Amsterdam was arrested for alleged cyber-crimes after hosting a show where a caller incited violence against government officials. The WPA claims Amsterdam is a political prisoner and criticizes the police for denying bail and delaying court proceedings, accusing them of political harassment and intimidation.

7.2.8 million Americans discover their personal information was stolen months ago in Sav-Rx IT heist
Sav-Rx notified 2.8 million people about a data breach from October 2022, exposing personal information like names, social security numbers, and contact details. Despite no evidence of misuse, Sav-Rx offers two years of free credit monitoring. They claim the stolen data was destroyed but haven’t confirmed if a ransom was paid.

ALSO READ: Ransomware Attack Compromises Data at Medical Device Manufacturer LivaNova: Complete Details Inside

8. US State Department targets 911 S5 Botnet Cybercrime Network
The U.S. designated three Chinese nationals and three Thai entities for operating the 911 S5 botnet, which compromised 19 million IP addresses to commit cyber fraud, including fraudulent CARES Act applications. This action aims to disrupt their activities and protect the U.S. financial system from exploitation.

9. WordPress Plugin exploited to steal credit card data from e-commerce sites
Unknown threat actors exploit WordPress plugin “Dessky Snippets” to inject PHP credit card skimming malware, targeting WooCommerce checkout forms. Malicious code exfiltrates data to a specified URL. campaign disables autocomplete to evade browser warnings, mimicking legitimate transactions. Similar tactics observed with WPCode plugin abuse. WordPress site owners advised on security measures.

10. Experts caution against CatDDoS Botnet and DNSBomb DDoS attack method
The CatDDoS botnet exploits over 80 software vulnerabilities to launch DDoS attacks, affecting devices globally. Primarily targeting China and the U.S., it utilizes ChaCha20 encryption and an OpenNIC domain for C2 communication. Meanwhile, researchers unveil DNSBomb, a potent DNS-based PDoS attack that amplifies traffic by 20,000x.

Follow The420.in on

 Telegram, Facebook, Twitter, LinkedIn, Instagram and YouTube