CloudSEK Unmasks Threat Actor Selling Bogus CBI Files For $1300 On Dark Web
NEW DELHI: Cybersecurity researchers have exposed a threat actor attempting to sell fake Central Bureau of Investigation (CBI) documents on the Dark Web for $1,300. The actor, identified by CloudSEK’s digital risk platform XVigil, claimed to have gained access to confidential data through a phishing attack on a CBI employee.
Samples of the “documents” were shared by the actor, including data related to the National Investigation Agency (NIA), wanted files, internal communications, and even confidential letters supposedly directed to the Prime Minister’s Office (PMO). However, a detailed investigation by CloudSEK revealed that the documents were manipulated and not authentic.
Further investigation through HUMINT (human intelligence) confirmed the documents’ authenticity. The threat actor, known for selling government databases and remote access exploits on underground forums, has been active since November 2022 and holds a “High” reputation within the cyber threat landscape.
This incident highlights a growing trend of threat actors using fabricated or manipulated law enforcement documents for malicious purposes. These actions can erode public trust, extort victims, and generate financial gains for the perpetrators.
Recommendations:
- Implement robust security measures: Enforce a stringent password policy and enable Multi-Factor Authentication (MFA) for all user logins.
- Patch and update vulnerabilities: Apply urgent patches and updates to vulnerable endpoints to prevent exploitation.
- Monitor account activity: Continuously monitor for unusual account activities to identify potential account takeovers.
Implications:
The emergence of threat actors peddling fake law enforcement documents on underground forums is a rising concern with multifaceted implications. These actions can have significant effects, including:
- Eroding public trust: Fabricated documents can damage public confidence in law enforcement agencies and sow distrust in official communications.
- Extortion: Threat actors can use manipulated documents to extort victims, demanding money in exchange for not releasing damaging information.
- Financial gain: The sale of fake documents can generate significant financial gains for cybercriminals.
- Diverting resources: Investigating and responding to fake documents can divert crucial resources away from genuine threats.
By taking proactive measures to enhance cybersecurity and awareness, individuals and organizations can better protect themselves from the growing threat of fabricated law enforcement documents.