Cyber Crime
Top 10 Daily Cybercrime Brief by FCRF [23.01.2025]: Click here to Know More
Important global cybercrime news has been curated by FutureCrime Researchers to keep you informed about various types of digital fraud occurring worldwide and to provide insights into the best mitigation strategies. Read below to learn more in detail.
1. Jharkhand Police Arrest Six Cybercriminals from Telangana and Bihar in Dhanbad
Dhanbad police arrested six cybercriminals, including four from Telangana and two from Bihar, operating from a rented flat. The suspects, involved in fake loan scams under “Online Bajaj Finance,” were caught with 13 mobile phones and 14 SIM cards. An FIR was previously lodged against them in Telangana.
2. Banker held for Rs 72L con linked to cyber fraud
Mumbai cyber police arrested Jaipur-based banker for misusing his position in a Rs 72 lakh investment fraud. He linked a client’s account to his personal details and siphoned Rs 30 lakh. The scam involved a WhatsApp group, fake investment promises, and fraudulent accounts. Police are investigating his accomplices and syndicate links.
3. Himachal Pradesh Man Duped of Rs 30 Lakh in Fraudulent Gaming App Scam
A Himachal Pradesh resident lost Rs 30 lakh in a gaming app scam after making 135 transactions. Initially lured by Rs 1.5 lakh profit, the victim later reported the fraud via the cyber helpline 1930. DIG Mohit Chawla highlighted the app’s international links and urged caution against unverified online platforms to prevent cyber fraud.
Registrations Open for FutureCrime Summit 2025: India’s Largest Conference on Technology-Driven Crime
4. Two Vellore Women Lose Rs 16.59 Lakh to Part-Time Job Fraud
Two Vellore women lost Rs 16.59 lakh to a fake part-time job scam promising high commissions for online tasks. Lured via Telegram, the victims invested Rs 4.79 lakh and Rs 11.8 lakh. Unable to withdraw fake balances, they reported the fraud through helpline 1930. Police registered a case and began investigations.
5. Cyber Fraud Gang Busted in Haryana’s Nuh; 15 Arrested
Haryana Police’s Cyber Fraud Control Cell arrested 15 cybercriminals in Nuh, seizing 20 phones, 29 SIM cards, and fake gold items. The gang used social media to post fake ads, engage in sextortion, and defraud victims. Authorities urged public caution against online scams and advised reporting fraud via helpline 1930.
INTERNATIONAL
6. Hackers Exploit Zero-Day Vulnerability in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Hackers are exploiting a zero-day flaw in Cambium Networks cnPilot routers to deploy the AIRASHI botnet, capable of 1-3 Tbps DDoS attacks. The botnet targets IoT vulnerabilities globally, including AVTECH and LILIN devices. AIRASHI variants incorporate proxy features and advanced encryption, enhancing resilience against takedowns and expanding attack capabilities.
7. Zendesk Subdomain Registration Flaw Exposed Users to Phishing and Pig Butchering Scams
Threat actors are exploiting Zendesk’s subdomain registration feature to launch phishing and “pig butchering” scams. Using fake subdomains mimicking legitimate brands, attackers send phishing emails to deceive victims into sharing sensitive information or funds. CloudSEK identified 1,912 instances since 2023 and urged Zendesk to address vulnerabilities in email validation processes.
8. Trump Pardons Silk Road Founder Ross Ulbricht, Criticizes Prosecutors
Former U.S. President Donald Trump pardoned Ross Ulbricht, founder of the dark web marketplace Silk Road, calling prosecutors “scum.” Ulbricht, sentenced to two life terms for enabling drug trafficking and other crimes, was arrested in 2013. The pardon reignites debates on justice, personal freedom, and accountability in the digital age.
9. Telegram-Based Phishing Kit “Sneaky 2FA” Targets Microsoft 365 Accounts
Sekoia.io uncovered the “Sneaky 2FA” phishing kit targeting Microsoft 365 accounts. Offered as a Phishing-as-a-Service (PhaaS) via Telegram, it evades detection using Cloudflare Turnstile challenges, URL obfuscation, and anti-debugging features. This sophisticated kit enables real-time credential theft, emphasizing the need for phishing-resistant authentication and proactive domain monitoring.
10. Scammers Exploit California Wildfires, Pretending to Be Fire Relief Services
Cybercriminals are exploiting California wildfires with phishing scams, using fake domains like “malibu-firecom” to pose as fire relief services. These sites promise evacuation aid and donations but aim to steal personal data or install malware. Veriti Research urges vigilance, highlighting the need for awareness to avoid disaster-related cyber threats.