The Top Ten cyber crime news summaries on The420 are meticulously curated by Future Crime Researchers from the Future Crime Research Foundation (FCRF) and powered by Algoritha Security Pvt. Ltd. These summaries feature the most critical cyber crime developments from around the world. Keep reading and stay safe.
1. ₹5-Crore Cyber Fraud Racket Busted; Four Arrested in Nationwide Operation
Delhi Police busted multiple cyber syndicates involved in investment and “digital arrest” frauds, arresting four men and uncovering a ₹5-crore cryptocurrency trail linked to Dubai handlers. Raids across four states seized phones, SIMs, and fake firm records. Key accused include two people, both from Haryana.
2.Retired Bank Officer Defrauded of ₹18.3 Lakh in Sophisticated Online Scam
A retired bank employee from Sector 46 lost ₹18.31 lakh after cybercriminals hacked his phone via a malicious APK file sent under the guise of pension verification. The fraudster, posing as a bank official, cloned the victim’s device and transferred money in multiple transactions. Police have registered a case and begun investigation.
3.Nagpur Police Dismantle Pan-India Job Scam Network Targeting 21 States
Nagpur Police busted a ₹21-crore cyber fraud syndicate that duped job seekers by misusing their documents to open mule accounts for illegal online gaming, betting, and hawala operations across 21 states. Twenty-three accused were arrested, assets worth ₹17.47 lakh and ₹53 lakh bank balance frozen, while five suspects remain absconding.
4.Chittorgarh Police Nab Accused in Major Cyber Fraud Case
Chittorgarh police arrested a man, from Alwar for blackmailing a man through a fake WhatsApp video call scam. The accused and his gang demanded ₹19,500, threatening to post fabricated videos online. The victim reported the fraud via helpline 1930, enabling police to trace and arrest Bairwa promptly.
5.₹5-Crore Crypto Fraud Racket Exposed; Dubai Money Trail Under Probe
Delhi Police busted cyber fraud syndicates running investment and digital arrest scams, arresting four men and tracing a ₹5-crore cryptocurrency trail linked to Dubai handlers. Raids across four states seized phones, cards, and fake firm documents. The accused ran mule accounts and laundering networks under foreign supervision, officials said.
INTERNATIONAL
6.Intel Files Lawsuit Against Former Engineer for Stealing 18,000 Confidential Files
Intel has sued former engineer Luo for allegedly stealing 18,000 “Top Secret” files before his layoff in July 2024. The data, copied to a NAS device, contained sensitive company information. Despite repeated contact attempts, Luo remains untraceable. Intel seeks return of data, damages, and device inspection through a Washington court.
7.LANDFALL Spyware Campaign Hits Samsung Galaxy Devices Through Malicious Image Files
Researchers uncovered LANDFALL, a zero-click spyware exploiting a critical flaw (CVE-2025-21042) in Samsung’s image processing library to infect Galaxy devices via malicious WhatsApp images. Active since mid-2024, the malware enabled full surveillance and data theft. Samsung patched the vulnerability in April 2025, protecting updated devices from further attacks.
8.Hackers Exploit Triofox Vulnerability to Deploy Remote Access Tools via Antivirus Feature
Mandiant uncovered active exploitation of a critical Triofox flaw (CVE-2025-12480, CVSS 9.1) allowing attackers to bypass authentication and gain admin access. Threat group UNC6485 used the antivirus feature to execute malicious scripts, deploy remote-access tools like Zoho Assist and AnyDesk, and escalate privileges. Users are urged to update Triofox immediately.
9.Konni Group Abuses Google’s Find My Device Hub for Remote Data Wiping Attacks
North Korean-linked Konni APT used spear-phishing and fake “stress-relief” apps to deliver EndRAT and Lilith malware, stealing credentials and abusing Google’s Find Hub to remotely wipe Android devices. Malware enabled long-term surveillance, data exfiltration and lateral access; investigators also flagged related Lazarus Comebacker and Kimsuky JavaScript dropper activity, recently observed.
10.ClickFix Phishing Campaign Targets Global Hotel Networks with PureRAT Malware Payloads
Researchers warned of a large phishing campaign targeting hotels that dupes managers with ClickFix-style pages to harvest Booking.com/Expedia credentials and deploy PureRAT. Attackers use compromised emails, malicious redirects, and PowerShell chains to install RATs, then sell or abuse accounts for fraud and customer-targeted scams. Operators use crime-as-a-service tools and marketplaces.
