Cyber Crime
Top 10 Daily Cybercrime Brief by FCRF [03.01.2025]: Click here to Know More
Important global cybercrime news has been curated by FutureCrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Engineer duped of Rs 40 lakh by cyber fraudsters using fake arrest warrant
A 24-year-old engineer from Bengaluru lost Rs 40 lakh to fraudsters posing as TRAI officials and police, accusing him of money laundering and trafficking. Convinced by fake arrest warrants and video calls, he transferred funds. He realized the fraud upon hearing a TRAI warning caller tune and filed a police complaint.
2. Mumbai woman scammed of Rs 1.5 crore while ordering food online
A 78-year-old South Mumbai woman lost Rs 1.51 crore to fraudsters posing as SIT officials, accusing her of drug trafficking and money laundering. Convinced by fake warrants and video calls, she transferred funds. Realizing the scam during a discussion, she reported it to the cyber helpline. Police are investigating.
FutureCrime Summit: Biggest Conference on Cyber Crimes Set to Return on February 13-14, 2025, in New Delhi
3. Russian liaison of Chinese cyber gang arrested for defrauding senior citizen
The Cyber Crime branch arrested Russian national for defrauding a senior citizen of Rs 17 lakh through a ‘digital arrest’ scam. The man, linked to a Chinese-led cyber gang, transferred stolen funds to cryptocurrency. Previously jailed for a Rs 71 lakh stock fraud in Pune, he was brought to Ahmedabad.
4. Faridabad policeman loses Rs 6 lakh to cyber scam
A Faridabad police sub-inspector lost Rs 6 lakh to cyber fraudsters who made three unauthorized transactions from his bank account. Despite not sharing OTPs or clicking suspicious links, the victim discovered the fraud through SMS alerts. He froze his account after learning about the Rs 3 lakh, Rs 2 lakh, and Rs 1 lakh transfers.
5. Two Rajasthan residents arrested for cyber fraud
Bapatla police cracked a Rs 74 lakh cyber fraud, arresting two suspects from Rajasthan and recovering Rs 7 lakh, 24 ATM cards, and 11 cheque books. Fraudsters posed as CBI officers, extorting money from a retired professor. Linked to Rs 10 crore scams across 18 states, police are pursuing two more suspects.
Nominate NOW for FCRF Excellence Awards at FutureCrime Summit 2025
INTERNATIONAL
6. Chinese Cyber-Spies Targeted Sanctions Data in US Treasury Hack
Chinese cyber-spies targeted the US Treasury Department, compromising workstations and stealing data from the Office of Foreign Assets Control (OFAC). The breach exploited a BeyondTrust API key vulnerability. US officials attributed the attack to a China state-sponsored APT actor, reflecting escalating cyber-espionage tied to Beijing’s intelligence efforts against America.
7. Critical Security Flaws Fixed in Microsoft Dynamics 365 and Power Apps API
Three patched vulnerabilities in Microsoft Dynamics 365 and Power Apps Web API exposed sensitive user data, including password hashes and emails. Discovered by Stratus Security, flaws in the OData Web API Filter and FetchXML API allowed unauthorized access and data extraction. Microsoft resolved the issues by May 2024, emphasizing cybersecurity vigilance.
8. FortiGuard Labs Ties EC2 Grouper Hackers to AWS Credential Exploits
Fortinet’s FortiGuard Labs identified EC2 Grouper, a hacker group exploiting AWS credentials through tools like PowerShell and misconfigured servers. Using distinct naming patterns for security groups, Grouper leverages APIs for reconnaissance and resource provisioning. Experts urge vigilance with CSPM tools and anomaly detection to combat such sophisticated cloud threats.
Registrations Open for FutureCrime Summit 2025: India’s Largest Conference on Technology-Driven Crime
9. Fake 7-Zip Exploit Code Linked to AI Misinterpretation
A social media claim of a zero-day exploit in 7-Zip, allegedly enabling arbitrary code execution, was debunked by cybersecurity experts and 7-Zip’s creator. The exploit, tied to non-existent functions, was likely AI-generated. Though a false alarm, the incident underscores the persistent threat of zero-day vulnerabilities and the need for vigilance.
10. LA Deputies Face Patrol Car PC Glitch Over New Year Date Issue
The Los Angeles County Sheriff’s Department’s patrol car computers failed on New Year’s Eve due to a date-related glitch, forcing officers to use radios and paper logs. The outdated CAD system, flagged as a critical risk since 2022, was unsupported and lacked IT staff, leaving deputies reliant on manual dispatching.