Achive.php May 23, 2025 - The Cyber Shark
Contributor

Archives for May 23, 2025

Department of Telecommunications Launches FRI Tool to Detect Risky Mobile Numbers in Cyber Frauds

Department of Telecommunications

The Department of Telecommunications has launched the Financial Fraud Risk Indicator (FRI) to help banks and payment platforms identify risky mobile numbers linked to cyber fraud. Platforms like PhonePe, Paytm, and Google Pay are integrating the tool to enhance transaction security. The Financial Fraud Risk Indicator (FRI), a new multi-dimensional analytical tool created as part of the Department of Telecommunications’ (DoT) Digital Intelligence Platform (DIP), was unveiled on Wednesday. Its purpose is to assist financial institutions in preventing cyber fraud by providing them with advanced, actionable intelligence. In order to combat financial crime and cyber fraud, FRI facilitates improved intelligence sharing with banks, UPI service providers, and other financial organizations. A cell phone number can be categorized as having a Medium, High, or Very High risk of financial fraud using this risk-based criteria. In the event that a mobile number is deemed to be at high risk, the action is expected to assist banks, non-banking financial institutions, and UPI service providers in giving enforcement top priority and implementing further client protection measures. The digital payment provider PhonePe, which was among the first to implement FRI, has utilised it to reject transactions associated with Very High FRI mobile numbers and to show a notice on the screen as part of the PhonePe Protect feature. According to the DoT, PhonePe is working to show a proactive user alert for Medium FRI numbers before authorising the transaction. PhonePe, Paytm, and Google Pay, which collectively manage over 90% of UPI transactions, have begun integrating DIP notifications into their systems, the DoT claims. Fraud detection According to the department, “this classification is the result of inputs obtained from various stakeholders, including intelligence shared by banks and financial institutions, reporting on DoT’s Chakshu platform, the National Cybercrime Reporting Portal (NCRP), and the Indian Cyber Crime Coordination Centre (I4Cs). The list of mobile numbers that were disconnected due to their involvement in cybercrime, failure to re-verify, and violating limitations is shared by the DoT every month. Financial fraud also frequently uses these numbers. The life of a cell number used in cyber frauds is usually a few days, and complete verification might take several days, therefore, the DoT believes that an advanced signal of risk associated with such numbers is quite important. As a result, when a stakeholder flags a suspected mobile number, it is subjected to multi-dimensional analysis, which determines whether it carries a Medium, High, or Very High financial risk. It is then promptly shared with all stakeholders via DIP.

OpenAI Acquires Jony Ive’s AI Startup io for $6.4 Billion in Major Hardware Push

OpenAI

OpenAI is acquiring Jony Ive’s AI device startup, io, for $6.4 billion in an all-equity deal, marking its major push into hardware. I’ve will lead design efforts at both OpenAI and io, while io integrates with OpenAI’s San Francisco teams. On May 21, 2025, OpenAI announced that it would acquire Jony Ive’s AI device startup, io, for roughly $6.4 billion in an all-equity transaction, solidifying the AI company’s entry into the hardware market. The company said in a statement that Ive will be taking on “deep creative and design responsibilities across OpenAI and io.”  Ive and LoveFrom, his “creative collective,” will continue to operate independently. According to OpenAI, while io will be coming in-house. Ive and OpenAI CEO Sam Altman wrote in a blog post on May 21 that Ive launched io a year ago with the help of Apple alums Scott Cannon, Tang Tan, and Evans Hankey, who temporarily filled Ive’s position at Apple after he left. In order to collaborate more closely with the research, engineering, and product teams in San Francisco, the io team—which is dedicated to creating products that inspire, empower, and enable—will now join with OpenAI, according to the post. OpenAI, which already controls 23% of the business, stated that it is paying $5 billion in the deal. Ive is “the greatest designer in the world,” according to Altman’s post on X. This is by far OpenAI’s biggest acquisition to date, and it comes weeks after the business agreed to pay $3 billion to acquire the AI-assisted coding tool Windsurf. Before that, in 2024, OpenAI paid an unknown amount to purchase the analytics database startup Rockset. To launch LoveFrom, Ive declared in 2019 that he was leaving Apple, where he had served as chief design officer for several years. In 2020, Airbnb announced that I had been advising the business on hiring and upcoming features. Last year, the New York Times revealed that LoveFrom’s designers were working on projects for Christie’s, Airbnb, and Ferrari at the time, and that the company’s clients pay it up to $200 million annually. Ive and designer Marc Newson formed LoveFrom, according to the company’s website, but it makes no mention of io or what the business does. Apple’s most recognisable products, such as the iPod, iPhone, iPad, and MacBook Air, were all designed by Ive. Additionally, he contributed to the design of Apple Park, the company’s new Cupertino headquarters, which was started in 2004 and formally opened in 2019. As competitors like Google, Anthropic, and Elon Musk’s xAI are making significant investments and frequently releasing new products, OpenAI, which was recently valued at $300 billion in a funding round spearheaded by Soft Bank, is scrambling to remain ahead of the competition in the generative AI space. Strengthening its hardware operations is one way to keep ahead of the competition. To advance its hardware objectives, OpenAI in November named the former leader of Meta’s Orion augmented reality glasses project to lead its robotics and consumer hardware initiatives. The position would “initially focus on OpenAI’s robotics work and partnerships to help bring AI into the physical world and unlock its benefits for humanity,” according to a statement made at the time by Caitlin “CK” Kalinowski. Additionally, in November, OpenAI invested $400 million at a valuation of $2.4 billion in Physical Intelligence, a robot company based in San Francisco.  Among the other investors was Amazon founder Jeff Bezos. By creating extensive AI models and algorithms to drive robots, the business aims to “bring general-purpose AI into the physical world,” according to its website.

Massive Facebook Data Leak Exposes 1.2 Billion User Records, Hacker Claims

Facebook Data

Facebook Data: A hacker claims to have leaked data from 1.2 billion Facebook users, including emails, phone numbers, and more. Researchers verified part of the sample, raising concerns about Meta’s data security and ongoing scraping issues. In response to Cyber News, Facebook’s parent company, Meta, sent a brief message along with a link to a newsroom article from four years ago titled “How we combat scraping.” “This assertion is not new. A Meta representative stated, “We revealed this years ago and have since taken action to stop such events from occurring. Meanwhile, looked into a data sample that had information on 100,000 distinct Facebook user records that the attackers had added to the post. The data seems valid based on the contents of the sample rather than the entire dataset. The team claims that the dataset consists of: User IDs Names Email addresses Usernames Phone numbers Locations Birthdays Genders Researchers advise exercising caution regarding the veracity of the attacker’s claims regarding “1.2 billion Facebook user records,” despite the fact that they are remarkable. For starters, this is only the second post the attackers have ever made that contains alleged Facebook records that were scraped. Although the quantity was substantially smaller, data purportedly collected from Facebook was also included in another attacker’s post. Researchers speculated that after publishing one post, they were able to extract further data to reach 1.2 billion entries. The social networking site would flag another case of user data being scraped in bulk if the Facebook data scrape were verified. According to the team, this calls into doubt the company’s stance on the protection of consumers’ personal information. Recurring incidents indicate a tendency toward reactive security measures as opposed to proactive ones, especially when it comes to safeguarding critical yet publicly accessible data. Millions may be vulnerable to phishing, scams, identity theft, and long-term privacy problems due to the absence of more robust protections and transparency, the researchers stated. A dataset of that size can be used in a variety of ways by threat actors since it makes it simple for hackers to automate attacks, releasing hordes of bots that target each user in the dataset with minimal human intervention. Since malicious actors are aware that the email addresses in the dataset belong to Facebook members, they can utilise one of the several Facebook phishing methods to target Facebook users. Threat actors frequently try to use APIs for malicious ends. Attackers targeted Shopify, GoDaddy, Wix, and OpenAI’s APIs earlier this year. Actors with financial motivations frequently try to misuse the same method to gain access to cryptocurrency wallets. “A pattern of reactive rather than proactive security measures is evident in repeated incidents, especially when it comes to safeguarding sensitive but publicly visible data.” Since APIs enable communication between various services, the majority of well-known services would not be possible without them. Attackers, however, manage to leverage lawful APIs for malicious ends, such as retrieving significantly more data than the software applications were designed to do. Facebook data scraping is not unheard of. For instance, Meta acknowledged last year that it had used publicly available Facebook and Instagram data to train its AI virtual assistant. In 2021, however, a different hacker shared details about more than 500 million Facebook users, including locations and phone numbers. The Irish Data Protection Commission (DPC), the European Union’s top data privacy body, fined Meta €265 million ($266 million) for the leak.