Important global cybercrime news has been curated by FutureCrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Bengaluru Court Denies Bail in ₹90 Lakh Cyber Fraud Case, Flags Risk to Financial Trust
A Bengaluru court denied anticipatory bail in a ₹90.45 lakh cyber fraud case involving a fake WhatsApp trading group. The court cited the scam’s threat to national financial trust, stressing the need for custodial interrogation due to the inter-state racket’s impact on online transaction credibility and public confidence.
2. Two Held in UP’s Bahraich for Orchestrating Online Fraud
Bahraich Police arrested two cybercriminals, for duping victims by opening bank accounts in their names and misusing them for online trading and gaming. Seized items include forged Aadhaar cards, cheque books, a laptop, and a car. Over ₹3 crore in fraudulent transactions were uncovered during the probe.
3. Mumbai Man Duped of ₹10 Lakh in Re 1 ‘Reward’ Scam
A Mumbai-based insurance company cashier lost ₹10.38 lakh after falling for a scam promising a reward for a ₹1 note. Lured via a social media ad, he made multiple payments to fraudsters posing as RBI agents. A police case has been filed under the IT Act and Bharatiya Nyaya Sanhita.
ALSO READ: Call for Cyber Experts: Join FCRF Academy as Trainers and Course Creators
4. Retired Officer Duped in Digital Arrest Scam; Delhi Cyber Police Nab 3
Delhi Police busted a cybercrime ring involving a ‘digital arrest’ scam, where fraudsters impersonating top officials held a retired officer under virtual custody for 72 hours, extorting ₹48.5 lakh. Three accused were arrested; links to Chinese-backed shell companies and 28 similar complaints across India were uncovered during the probe.
5. Duo Arrested in ₹46 Lakh Online Fraud Case
Kochi Police arrested two film industry professionals, for duping a Mattancherry man of ₹46 lakh through an online rating scam. Victim was lured via WhatsApp to deposit money for promised returns. Cyber Cell traced the accused using mobile tracking; further arrests and scams are under investigation.
INTERNATIONAL
6. Cozy Bear Targets EU Diplomats with Wine-Themed Malware Attack
Russian-backed hacker group APT29 (Cozy Bear) is targeting European diplomats using wine-tasting-themed phishing emails to deploy new malware tools—GrapeLoader and WineLoader. The attack begins with fake Ministry of Foreign Affairs invites, leading to stealthy cyber-espionage operations aimed at stealing sensitive data. Researchers urge heightened vigilance among diplomatic organisations.
ALSO READ: “DFIR Capability Maturity Assessment Framework” by ALGORITHA
7. Digital IDs Make a Comeback, Renewing Security Fears
The UK Cabinet Office has announced plans to introduce a single digital login for all government services, aiming to simplify access for citizens. Whether it’s renewing a passport, applying for a driving licence, or registering a birth, the initiative promises streamlined, user-friendly digital access to essential public services.
8. Cybersecurity Alert Issued for All North West Businesses
The North West Cyber Resilience Centre has urged businesses to boost cyber defences following a surge to 8.58 million cyber crimes in the UK. Despite a slight drop in reported breaches, phishing remains rampant. Experts stress the need for measures like MFA and VPNs to prevent devastating cyber attacks.
9. APT29 Uses Wine-Tasting Invites to Spread GRAPELOADER Malware Among EU Diplomats
Russian threat group APT29 is targeting European diplomats with a phishing campaign using new malware tools—GRAPELOADER and an upgraded WINELOADER—disguised as wine-tasting invites. GRAPELOADER ensures persistence and stealth, leading to espionage payloads. Separately, Gamaredon targets Ukraine with PteroLNK malware via USB drives, using aggressive spearphishing and self-propagating scripts.
ALSO READ: Call for Chapters: Contribute to the Book “Cyber Crime – From Theory to Practice”
10. Malicious npm Packages Masquerade as Telegram Bot API to Install SSH Backdoors on Linux
Researchers uncovered three malicious npm packages mimicking a Telegram bot library, designed to install SSH backdoors on Linux systems and exfiltrate data. The rogue packages use “starjacking” to appear legitimate. Even after removal, attackers retain remote access. Another package, disguised as a payment tool, launches a reverse shell on transaction success.
