Cyber Crime
Top 10 Daily Cybercrime Brief by FCRF [24.09.2024]: Click here to Know More
Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Court Grants Bail to 37 Accused, Leaving Police Embarrassed
Phase 1 police were embarrassed after the district court granted bail to 37 accused in a cyber fraud case due to their failure to submit the challan within the 90-day period. The bail was granted under Section 167(2) of the CrPC, with conditions. While the police added forgery-related sections to the case initially, these were excluded when the challan was finally presented.
2. ‘Necro’ Android malware spreads through Google Play, infecting 11 million devices
A new version of the Necro malware loader infected 11 million Android devices via Google Play through malicious SDK supply chain attacks. The malware was spread using advertising SDKs in legitimate apps, game mods, and modified versions of popular software like Spotify, WhatsApp, and Minecraft. These compromised apps unknowingly facilitated the malware’s distribution.
3. 65% of websites lack protection against basic bot attacks
Consumer-centric and digital native industries, particularly luxury brands and e-commerce, face significant risks from bot attacks, with only 5% and 10% of their websites, respectively, being fully protected. Media websites are also highly vulnerable, with 94% lacking adequate defenses against ad fraud, content scraping, and DDoS attacks. The low cost and ease of creating bad bots have made them a preferred method for cybercriminals, underscoring the urgent need for stronger bot protection.
4. Women from Moneykonda fall victim to online scam, losing over Rs 15 lakhs
A 43-year-old woman from Hyderabad lost Rs 15 lakh in a fraudulent investment scheme that posed as SBI Securities. She initially invested small amounts, gradually increasing her contributions, but realized she had been scammed when she couldn’t withdraw her profits, leading her to file a complaint with the cybercrime authorities.
5. As cyber threats increase, so does India’s cyber insurance market
Cybersecurity breaches are increasingly common in India, highlighted by the 2023 ransomware attack on AIIMS. In response, the Indian government has nearly doubled its cybersecurity budget, from Rs 400 crore to Rs 759 crore for 2024-2025, reflecting the urgent need for stronger measures. The Ministry of Electronics and Information Technology (MeitY) is overseeing much of this expanded effort.
INTERNATIONAL
6. ‘Cybersecurity incident’ has kept MoneyGram offline for three days—and counting
MoneyGram has been offline since Friday due to a “cybersecurity issue,” affecting both in-person and online transactions. The fintech firm has not specified when services will resume or if ransomware is involved. Despite initial claims of a network outage, MoneyGram has confirmed a digital intrusion but has not yet attributed the breach to ransomware.
7. A former U.S. Secret Service agent and a convicted hacker are meeting for the first time on the GISEC Global stage.
At GISEC Global 2024 in Dubai, a former U.S. Secret Service agent and a Vietnamese ex-hacker-turned-cybersecurity-expert will reunite to discuss their dramatic cat-and-mouse chase that led to a pivotal conviction. Matt O’Neill, the retired agent, orchestrated the operation that captured the hacker, Hieu, leading to significant legal repercussions and further hacker convictions. O’Neill is celebrated for his exceptional career, including awards like the Special Agent of the Year and medals from the Department of Homeland Security.
ALSO READ: Join The Movement: Registration Open for ‘Cyber Safe Uttar Pradesh’ Event by FCRF on October 17
8. A critical vulnerability in the Microchip ASF has left IoT devices exposed to the risk of remote code execution.
A critical vulnerability in the Microchip Advanced Software Framework (ASF), tracked as CVE-2024-7490 with a CVSS score of 9.5, could enable remote code execution. The issue is a stack-based overflow in the ASF’s tinydhcp server due to insufficient input validation. All publicly available ASF code examples are affected, allowing specially crafted DHCP requests to exploit this flaw.
9. Chinese hackers are exploiting a vulnerability in GeoServer to target APAC countries with EAGLEDOOR malware.
An advanced persistent threat (APT) from China, identified as Earth Baxia, exploited a critical vulnerability in OSGeo GeoServer GeoTools to target government organizations in Taiwan and potentially other APAC countries. Detected by Trend Micro in July 2024, the attack appears to focus on government agencies, telecoms, and the energy sector in the Philippines, South Korea, Vietnam, Taiwan, and Thailand. The threat involved phishing emails, decoy documents, and targeted intrusion activities.
10. The new PondRAT malware concealed within Python packages is targeting software developers.
North Korean-linked threat actors are using poisoned Python packages to deliver new malware named PondRAT, a lighter variant of the POOLRAT macOS backdoor. Palo Alto Networks Unit 42 reports that this is part of Operation Dream Job, a campaign where targets are enticed with fake job offers to download malware. The attackers have uploaded malicious packages to PyPI, with links to the threat group Gleaming Pisces.