Cyber Crime
Top 10 Daily Cybercrime Brief by FCRF [03.10.2024]: Click here to Know More
Important global cybercrime news has been curated by Futurecrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Senior Citizen Defrauded of Rs 4.7 Crore, 13-Member Cyber Scam Ring Uncovered in Chennai
A 72-year-old Chennai resident lost Rs 4.7 crore to cyber fraudsters posing as officials who claimed her Aadhaar was linked to illegal activities. The police arrested a 13-member gang involved, recovering Rs 50 lakh. The stolen money was sent abroad and returned as cryptocurrency.
2. Cyber Fraud: Two Arrested for Swindling Rs 4.08 Crore from Kozhikode Doctor in Rajasthan
Two Rajasthan natives, Sunil Dangi and Sheetal Kumar Mehta, were arrested for extorting Rs 4.08 crore from a Kozhikode doctor via cyber fraud. Posing as “Amith,” Sunil manipulated the doctor over months. Police investigations revealed the money was laundered through gambling centers and seized phones and bank details.
3. Man Apprehended for Illegally Accessing Former Wife’s Social Media Account
Y. Venkata Ramana, 24, was arrested by the Cyber Crime police for hacking his ex-wife’s Instagram account and posting her private photographs. Following their divorce, he allegedly changed her social media passwords to harass her. The arrest came after the woman lodged a complaint in Visakhapatnam.
4. Police Crack Down on International Cybercrime Ring Operating with Indian SIM Cards
Uttarakhand Police and the Home Ministry busted a SIM card racket operated by a criminal, known as Sohil, from Haridwar. He fraudulently activated 1,816 SIM cards using Aadhaar details collected from women, selling them to cybercriminals in South-East Asia. The police seized SIM cards, phones, and biometric devices.
ALSO READ: Join The Movement: Registration Open for ‘Cyber Safe Uttar Pradesh’ Event by FCRF on October 17
5. 13 Cyber Scammers Arrested, Rs 50 Lakh Recovered
Chennai police arrested 13 members of a cybercrime gang involved in duping a 72-year-old woman of Rs 4.7 crore. The scammers convinced her to transfer her savings for a fake investigation, claiming her Aadhaar was used in illegal transactions. Police recovered Rs 53 lakh, tracing the money to hawala and cryptocurrency operations.
INTERNATIONAL
6. Fraudulent Trading Apps Exploit Victims Worldwide via Apple App Store and Google Play
A global fraud campaign, known as “pig butchering,” used fake trading apps on the Apple App Store, Google Play Store, and phishing sites to scam victims into investing in cryptocurrency. The apps, like UniShadowTrade, promised high returns but stole victims’ funds through social engineering and fake investment schemes.
7. China-Associated CeranaKeeper Targets Southeast Asia for Data Theft
CeranaKeeper, a newly identified threat actor, has been linked to data exfiltration attacks targeting Southeast Asia, including governmental institutions. Slovak cybersecurity firm ESET attributes the group to China, using backdoors like TONESHELL and custom tools such as WavyExfiller and DropboxFlop to steal data via cloud services, while evading detection.
8. Fake Job Applications Used to Deploy More_eggs Malware to HR Departments
A spear-phishing campaign targets recruiters with the JavaScript backdoor “More_eggs,” disguising malware as fake resumes. Trend Micro reports that attackers, linked to the Golden Chickens group, trick victims into downloading malicious files, leading to credential theft. The campaign focuses on recruiters, using email to build trust.
9. Warning: Over 700,000 DrayTek Routers Vulnerable to Hacking Through 14 Newly Discovered Flaws
A dozen new vulnerabilities, dubbed DRAY:BREAK, were found in DrayTek routers, including two critical flaws. These issues, like buffer overflows and command injection, allow attackers to take control of routers, risking enterprise network access. Over 704,000 routers are exposed, mainly in the U.S., Vietnam, and other countries.
10. Session Hijacking 2.0 — How Attackers are Evading Multi-Factor Authentication (MFA)
Session hijacking has evolved into an identity-based attack targeting cloud apps. Attackers use phishing toolkits and browser infostealers to capture session cookies, bypassing MFA and gaining access to cloud services. With modern tools, attackers can exploit both credentials and session tokens, making identity a critical security perimeter.