thecybershark, Author at The Cyber Shark - Page 11 of 20

Hackers Deploy Neptune RAT via YouTube, Telegram & GitHub in Global Cyberattack

Hackers are spreading a powerful new malware, Neptune RAT, via YouTube, Telegram, and GitHub to steal passwords and cryptocurrencies and to control Windows PCs undetected. Experts warn of its ransomware, spying, and data-wiping features, urging users to avoid suspicious links and strengthen cyber protection.

The Neptune RAT, frequently referred to as the “Most Advanced RAT” (remote access Trojan) ever, is a new strain of malware that hackers are using to infect vulnerable Windows PCs in a recent wave of attacks. The goal of this cyberattack is to hold victims hostage while stealing cryptocurrency and passwords.

The Neptune RAT is quite sophisticated, according to a Cyber News report: it can spy on the owner of the device, take over Windows devices, and do a lot more without being discovered by even the most effective antivirus program. The malware strain is presently making the rounds on YouTube, Telegram, and GitHub, according to cybersecurity firm CYFIRMA. Similar to other malware strains, Neptune RAT operates on a malware-as-a-service basis, allowing any hacker to use it in their attacks for a monthly subscription.

Everything you need to know about this new malware that targets Windows computers is provided here, along with some advice on how to protect your computer and data from the Neptune RAT.

What can the Neptune RAT do?

The Neptune RAT is a very powerful remote access program with a wide range of malevolent capabilities, according to CYFIRMA. One of its most alarming features is a crypto clipper that tracks cryptocurrency transactions and substitutes wallet addresses under the control of attackers, rerouting funds without the victim’s awareness.

Apart from focusing on digital assets, Neptune RAT also has a password-stealing module that can retrieve login information from more than 270 programs, including popular web browsers like Chrome.
The stolen data can be used to gain access to financial platforms, compromise social media accounts, and enable more attacks.

The malware’s capabilities go beyond simple theft. One of its components is ransomware, which encrypts files and demands payment to unlock them. The system’s capacity to identify or react to the infection may be diminished if Windows Protector and other antivirus software are disabled. Additionally, Neptune RAT has screen monitoring capabilities that let attackers see user activity in real time, which makes data exploitation, blackmail, and spying possible.

Neptune RAT also contains a data destruction function that enables the attackers to fully erase the compromised system and leave no trace behind once they determine the malware has fulfilled its objective.

How can one be safe?

Since GitHub, Telegram, and YouTube are now the sites where Neptune RAT is being spread, users may want to avoid these sites as much as possible or exercise extreme caution while downloading files from them or clicking on links. Additionally, buying the best identity theft protection is encouraged, as it will assist consumers in recovering money that has been lost due to an attack. These protection plans frequently include insurance, which is advantageous if an impacted user decides to replace their PC entirely.

Aadhaar Seva Kendra staff with access to data of thousands of visitors on cybercrime net

Two men from Haryana, including a former Aadhaar Seva Kendra staffer, were arrested by CID for forging Aadhaar and PAN cards to create fake firms and commit a ₹43 lakh Bitcoin scam. The accused misused the Aadhaar data of thousands of visitors, prompting a cybersecurity alert.

CID investigators revealed that one of the two individuals detained from Haryana in connection with a cyber scam purportedly led by bank management had previously worked at an Aadhaar Seva Kendra. The database of thousands of visitors to the centre was available to him.

Officers from the state CID’s cyber police investigated a complaint from a resident of Chandernagore and discovered that several fake Aadhaar cards were used to register shell firms and related bank accounts. Himanshu Solanki, 32, and Praveen Kumar, 29, of Faridabad, Haryana, were detained by the state CID on 06 April 2025 on suspicion of fabricating Aadhaar and PAN cards as well as fictitious businesses using forged documents.

Praveen Kumar altered his name to create several Aadhaar cards. He is identified as Paresh Kumar in one, Praveen Kumar in another, and Pratap Kumar in the third. Despite having different identities, they all share the same Aadhaar number, an officer stated. CID detectives believe that the gang, which has been falsifying the information of visitors to Aadhaar Seva Kendra, has other members.

“It is best to mask your Aadhaar card so that the number will not be visible to anyone else, even if you use a photocopy,” a CID officer advised. The police also suggested linking the Aadhaar to the holder’s cell phone number, so that an alert is sent to the phone if someone attempts any fraudulent conduct with the Aadhaar number.

According to CID officers, the accused defrauded the complainant of ₹43 lakh by enticing him to make a Bitcoin investment. He had seen the investment scheme’s marketing on social media.
A branch manager of a nationalized bank and his wife, who was stationed in Murshidabad, received the proceeds of the crime, the police discovered later in the investigation. The manager of the branch has already been taken into custody. He is being held by the police.

The Ghibli Art Craze: An Adorable Movement with a Secret Danger

The Ghibli Art trend has gone viral, turning real-life photos into whimsical animations, but cybercriminals are exploiting it with scams and malware. Authorities warn users to stay cautious and use only trusted platforms.

The quirky new trend of Ghibli-style pictures has taken over the internet in recent weeks. From kids and influencers to famous people like Sachin Tendulkar and even official government websites, Studio Ghibli’s distinctive animation style is being used to turn everyone’s real-life images into fantastical settings. However, there is a significant cybersecurity risk hidden beneath the idyllic images. The public was recently warned by the Chandigarh Police about the rise in cyber scams that use the Ghibli art craze as a lure.

Why is Ghibli’s art so well-liked, and what is it?

The renowned Japanese animation studio Studio Ghibli, founded by Hayao Miyazaki, Isao Takahata, and Toshio Suzuki, serves as the model for Ghibli Art. Studio Ghibli, well-known for classic movies like Spirited Away, My Neighbor Totoro, and Howl’s Moving Castle, is praised for its delicate colour schemes, emotionally charged narratives, and hand-drawn characters.

Users may now quickly transform ordinary photographs into Ghibli-style illustrations thanks to the development of AI-powered tools. It’s now easier than ever to follow the trend, thanks to platforms like ChatGPT, which allow users to create up to three photos per day.

How Did the Trend Go Viral?

It all began when Seattle software engineer Grant Slatton created a Ghibli-style picture of his family at the beach using OpenAI’s image-generating tool. When he shared it on X (previously Twitter), it went viral, garnering millions of views and more than 45,000 likes. What started as a private post swiftly became a worldwide sensation, with others sharing their Ghibli-inspired works all across the world.
The Dark Side: Cybercrime Hiding in Plain Sight

The growing popularity of the fad presented an opportunity for cybercriminals. The Chandigarh Police said that criminals are now tricking people into installing malware or divulging personal information by exploiting phoney Ghibli art portals. Here’s how:

Phishing Websites: Phishers have created phoney Ghibli art websites that ask visitors to submit pictures. Once submitted, a photo or personal data may be stolen and used maliciously.

Phishing Emails: Phishing emails purporting to be from Studio Ghibli are being sent to some users. These could provide links to “official” art outlets, products, or invitations to contests. However, after being clicked, these URLs have the potential to install malicious software that steals private information, including banking information and passwords.

Scam Contests & Giveaways: Cybercriminals are promising Ghibli-style artwork in exchange for user information through phoney online competitions and giveaways. It’s only a means of spreading viruses or gathering data.

Dangerous Downloads: Wallpapers or “Ghibli art packs” are available on some websites; however, the files could be infected with ransomware or viruses that lock down your computer or steal data.

False Artist Listings: Scammers are also using social media to pose as Ghibli fan artists. They might attempt to deceive users into disclosing personal information or offer phoney artwork.

How to Stay Safe: Tips from Cyber Experts

Here are some crucial safety precautions if you’re following the Ghibli trend:

When creating Ghibli artwork, only use reputable and authorized sites.
Never click on strange links or dubious emails.
Refrain from giving strangers access to your personal or financial information online.
If a contest or deal looks “too good to be true,” it probably is. Therefore, make sure to check it out first.
Inform cybercrime authorities about any dubious emails, profiles, or websites.
Final Thoughts

Unquestionably stunning, the Ghibli Art movement is a celebration of creativity in the digital era. Yet, particularly on the internet, beauty frequently comes with risks. While incorporating a little fantasy into everyday life is fantastic, it’s equally crucial to remain vigilant and watchful. Go ahead and take in Ghibli’s magic, but be careful when you click. Art should be joyful, not dangerous.

Google Gemini Live update brings screen, and camera awareness to these phones

Google rolls out Project Astra-based camera and screen-sharing features in Google Gemini Live, enhancing real-time interaction on Pixel 9 and Galaxy S25 devices. Older Pixel users can access the features with a Gemini Advanced subscription.

Google has started rolling out Project Astra-based camera and screen-sharing features in the Google Gemini Live interface as part of the most recent Pixel Drop. Devices from the Samsung Galaxy S25 and Google Pixel 9 series come with these features free of charge. The capabilities are also available to users of previous Pixel devices, although they will require a Google Gemini Advanced membership.

More interactive and visually aware conversations are made possible by the new Google Gemini Live features, which let users share their device’s screen or camera feed in real time with the AI assistant.

Details of camera and screen sharing with Gemini Live

To obtain immediate information, users can use the camera on their smartphone to show Google Gemini a landmark, a store, or a dish. Gemini changes its replies in real time as the camera moves. Similarly, users can receive assistance during screen sharing based on the content that is shown on their screen, including documents, photographs, and web pages.

How to use Gemini Live to share a screen

Screen sharing can be enabled in two ways:

Using the Gemini app on mobile:
Go to the Live interface after launching the Google Gemini app.
Press the recently added “Turn on screen sharing” button located at the bottom.
Select “Share screen” from the option that appears.

Outside of the Gemini app:
Use a voice command or long-press the power button to activate Google Gemini.
Press the floating “Share screen with Live” button that shows up above the Gemini overlay.
Select “Share screen” from the option that appears.

Go back to the Gemini mobile app and select “Turn off screen sharing” to end sharing.
As an alternative, press “Stop sharing” on the Screen Sharing card after swiping down from the top edge of the screen. Additionally, if the screen is locked or Live is paused, screen sharing instantly ends.

How to use Gemini Live to share a camera

Users can show Gemini what they are seeing by using their camera app while screen sharing is enabled. As an alternative:

To begin sharing a live feed in Gemini Live, tap the camera icon.
To stop, tap it once more.
As necessary, switch between the front and rear cameras.

According to Google, the camera will switch off on its own in the following circumstances:

Gemini Live will automatically restart when it is resumed after being paused.
You will have to manually turn the camera back on if your screen locks.

Google Unveiled Sec-Gemini v1, a New AI Model for Cybersecurity

Google has launched Sec-Gemini v1, an advanced AI model designed to enhance cybersecurity by aiding in threat analysis, vulnerability assessment, and incident investigation. The model outperforms rivals on key benchmarks and is being offered to select partners for research collaboration.

Google has made a huge attempt to counter cyber-attacks by introducing Sec-Gemini v1, an experimental AI model meant to revolutionize cybersecurity. Elie Bursztein and Marianna Tishchenko from the Sec-Gemini team introduced the new AI model, which is designed to help cybersecurity defenders confront the growing complexity of cyber-attacks using advanced AI.

The Sec-Gemini team emphasized the fundamental asymmetry in cybersecurity in a blog post: attackers only need to take advantage of one weakness, while defenders must defend against every potential attack. Security experts have long struggled with this imbalance, which makes their work laborious and error-prone. Sec-Gemini v1 uses AI-powered tools to “force multiply” cybersecurity workflows to give defenders the upper hand again.

Based on Google’s Gemini model, Sec-Gemini v1 blends state-of-the-art reasoning abilities with near-real-time cybersecurity knowledge. Using a range of data sources, including Google Threat Intelligence (GTI), the Open Source Vulnerabilities (OSV) database, and Mandiant Threat Intelligence, the model provides unmatched performance in crucial domains like incident root cause investigation, threat analysis, and vulnerability impact assessment.

On the CTI-MCQ benchmark, a leading indicator of cybersecurity threat intelligence, it outperformed rivals by at least 11%. On the CTI-Root Cause Mapping (CTI-RCM) benchmark, which assesses a model’s capacity to decipher vulnerability descriptions, identify the underlying causes, and categorize them using the Common Weakness Enumeration (CWE) taxonomy, it scored at least 10.5% better than its competitors.
Impact on the Real World and Cooperation

Google offers a noteworthy example that demonstrates the usefulness of Sec-Gemini v1. The model accurately identified “Salt Typhoon” as a known threat actor, which is something that not all AI models are capable of, and provided a thorough explanation enhanced by Mandiant Threat Intelligence data. Additionally, using information from OSV and contextualizing it with threat actor insights, Sec-Gemini v1 examined vulnerabilities associated with Salt Typhoon. It is anticipated that this level of research will aid cybersecurity experts in evaluating risks and addressing threats more effectively.

Google underlined that the sector must work together to advance AI-driven cybersecurity. A limited number of organizations, institutions, experts, and non-governmental organizations will have free access to Sec-Gemini v1 for research purposes in order to promote cooperation. Google has provided a form for interested parties to use to seek early access.

Google is putting itself at the forefront of AI cybersecurity with Sec-Gemini v1, providing a preview of a future in which defenders will be more prepared to fend off attackers. Tools like this could be crucial in levelling the playing field as cyber threats continue to change.

Financial frauds top Mizoram cybercrimes, over half of total cases filed

Financial fraud is the most common cybercrime in Mizoram, accounting for over 56% of the 321 cases reported since 2020. Authorities have recovered ₹1.42 crore, with 113 arrests and 40 convictions made in cybercrime cases during this period.

According to official data, financial fraud accounted for 56.38 per cent of the 321 cases that were filed between January 2020 and March 11 of this year, making it the most prevalent cybercrime in Mizoram. According to data from the state cybercrime police station, 181 cases of financial crime were reported during that time, mostly online banking fraud and impersonation deception.

Identity theft (32 incidents), child pornography (16), harassment on social media (nine), copyright infringement (seven), false rumours (five), and hacking (one) are among the other offences.

According to the records, 2022 saw the greatest number of financial crimes, with 107 incidents documented. Approximately Rs 1.42 crore was recovered in financial fraud cases between 2021 and March 11, 2025.

Records show that the state had the highest number of cybercrimes in 2022 (158 incidents), followed by 2023 (72 cases). Of the 41 cybercrime cases that occurred in 2024, 15 involved sexual harassment and 17 involved financial offences. Thirteen cases of cybercrime were recorded as of March 11 of this year, including six cases of sexual harassment and four cases of financial fraud.

According to the records, since 2021, 113 people—including eight minors—have been arrested in cybercrime cases, and 40 of them have been found guilty.

Tech Mahindra and Nuix Collaborate to Provide Improved Data Investigation and Cybersecurity Tools

Tech Mahindra and Nuix, an Australian software company, have partnered to offer better data protection, fraud detection, and regulatory compliance solutions. The partnership combines Nuix’s AI-powered investigative and data analytics tools with Tech Mahindra’s expertise in digital engineering, cyber risk management, and artificial intelligence (AI).

Tech Mahindra has partnered with Australian firm Nuix to enhance data investigation and cybersecurity solutions by integrating Nuix’s AI-powered analytics tools into its services. The collaboration aims to help businesses manage data breaches, fraud, and compliance, starting in the Asia Pacific and Japan regions.

The main goal of the collaboration is to include Nuix’s Neo platform within Tech Mahindra’s service portfolio. As a result, businesses will be able to better manage data breaches, safeguard sensitive information, and react to fraud and regulatory concerns, especially those in industries with stringent compliance requirements like banking, insurance, telecommunications, and government. Nuix’s technologies can process large amounts of structured and unstructured data and make the data searchable and actionable for legal examinations and investigations.

“We will enable our clients to put in place reliable, economical, and incredibly scalable security solutions for the future,” according to Harshvendra Soin, President of Asia Pacific and Japan Business at Tech Mahindra. “This partnership will accelerate our ability to deliver exceptional value, especially during critical moments like data breach incidents where rapid response is essential.”

Before going worldwide, the collaborative endeavour will initially concentrate on clients in the Asia Pacific and Japan regions. Nuix will offer its knowledge of digital investigations and data privacy, while Tech Mahindra will assist with worldwide sales and delivery.
In the wake of escalating cybersecurity concerns, the partnership is anticipated to assist both companies in increasing their footprints in regulated markets and providing more reliable solutions for handling digital evidence and personal data.

Tech Mahindra and Nuix will collaborate to help businesses bolster their defences against fraud, data breaches, and regulatory risk. Through the partnership, customers will have access to some of Nuix’s most advanced data privacy, investigative, and legal solutions, such as Nuix Neo Data Privacy, Nuix Neo Investigations, and Nuix Neo Legal, according to Jonathan Rubinstein, CEO of Nuix. These will help safeguard sensitive information (like personally identifiable information), expedite investigations, and oversee the curation of vast amounts of digital evidence for legal cases.

Ghibli glam or privacy scam? Chandigarh Cyber Cell issues advisory

The Chandigarh Police Cybercrime Cell has warned against rising online frauds involving fake Ghibli artwork and merchandise. Users are advised to stay alert, verify sources, and avoid suspicious links or offers to protect their data and finances.

The Chandigarh Police Cybercrime Cell has issued a warning about possible frauds that pose as Ghibli artwork or items. Ghibli-style graphics generated by artificial intelligence (AI) have garnered a lot of attention in the past week. According to a Cybercrime Cell statement, these crimes can take many different forms, and both creators and fans should be mindful of the possible dangers that exist in the digital realm.

Cybercriminals frequently create phoney internet shops or auction platforms that purport to sell Ghibli artwork or authentic items. These websites have the potential to send fake goods, steal personal information, or vanish after a transaction. Before making a purchase, always confirm the legitimacy and authenticity of websites, according to DSP (Cyber Cell) Venkatesh.

According to the DSP, who gave a briefing on several cyber scams that may involve Ghibli, phishing emails may be sent by fraudsters posing as Ghibli news or offers. These emails may contain links to phoney social media profiles or online stores. The DSP warned that clicking on these links could result in the download of malware or the loss of personal data.

According to reports, phoney Ghibli-related competitions or prizes are frequently employed as a means of obtaining user information or persuading users to download harmful programs. Additionally, some cybercriminals pass off malware or ransomware as downloadable content (like Ghibli wallpapers or art packs), which is how hazardous software is camouflaged as Ghibli art. According to the Cyber Cell, if a person downloads the content, harmful software may be placed on their device, which might lock or steal data.
Regarding identity theft, the DSP stated that cybercriminals may fabricate websites or social media profiles that pose as artists, particularly fan artists, to obtain admirers’ personal information or even to sell phoney artwork. When interacting with creators or fan communities, exercise caution at all times. The Cyber Cell advised using platforms that let users confirm their identity, including verified social media accounts, and refraining from disclosing private information, such as credit card numbers, unless you have faith in the platform.

The Cyber Cell provided information on how to confirm authenticity, stating that you should always make sure that websites or accounts that sell Ghibli artwork, products, or content are authentic. Report any stolen Ghibli artwork or fake goods you come across to the appropriate authorities or websites. Purchase genuine goods and downloads from reputable, official websites to avoid fraud, DSP Venkatesh said.

Furthermore, it’s best to avoid falling for offers that seem too good to be true, especially when they come from unknown websites or unwanted emails. According to the DSP, you may safeguard your work and yourself against cybercrime involving Ghibli art by remaining aware and alert.

BFSI and Tech Lead India’s Cyber Insurance Surge Amid Growing Attacks

Cyber insurance adoption in India is surging, driven by rising cyberattacks, with BFSI and tech sectors holding a 70% market share. Nearly 100% policy renewals and increased first-time buyers highlight its growing role in ensuring business continuity and regulatory compliance.

In India, cyber insurance is expanding at an unprecedented rate, with 100% of policies being renewed as companies realize how frequent cyberattacks are becoming. With a combined 70% market share, the BFSI (35–40%) and technology (30%) sectors are driving uptake, per a survey by Policy Bazaar for Business. The survey also shows that business interruptions caused by data breaches account for 45% of all cyber insurance claims, underscoring the critical role that cyber coverage plays in preserving business continuity.

According to the report, the largest penetration of cyber insurance is found in mid-to-large firms with annual sales of at least ₹10 crore, suggesting a better awareness of regulatory requirements and cyber hazards. The following is the adoption breakdown by industry:

BFSI (35-40%): Financial institutions are the biggest buyers of cyber insurance due to increased financial fraud, regulatory scrutiny, and customer data protection requirements.
Technology & IT (30%): IT and internet companies are giving risk mitigation through insurance top priority because of their data-heavy operations and high vulnerability to cyberattacks.
Start-ups (25%): Adoption among rapidly expanding firms is being driven by venture capital investors and contractual responsibilities.
Healthcare (5%): More and more hospitals and healthcare organizations are protecting themselves from ransomware and data intrusions.
Logistics (5%): Logistics companies are investing in coverage as a result of the increased cyber dangers brought about by the growth of digital supply chains.

According to the survey, a notable change has also occurred, with 30–35% of companies acquiring cyber insurance for the first time.
This implies that businesses are becoming increasingly conscious of the operational and financial risks associated with cyberattacks, especially start-ups and mid-sized enterprises. More and more businesses are adopting a proactive strategy, acquiring coverage before an attack, in place of a reactive one.

What’s driving cyber insurance claims?

The survey also sheds light on the reasons why companies are submitting cyber insurance claims, with the biggest percentage (45%) citing business disruptions brought on by data breaches.

Claim Type                                         Percentage of Claims
Business Interruption from Data Breach             45%
Social Engineering Attacks (Phishing, CEO Fraud)   25%
Ransomware Incidents                               20%
Other                                              10%

Businesses are using insurance to cover both direct financial losses and operational disruption as a result of the increase in ransomware attacks and social engineering scams.

According to the report, growing contractual duties and regulatory constraints have caused the cyber insurance market to expand rapidly over the past 12 to 24 months.

Regulatory compliance: Businesses are being forced to strengthen their cyber resilience in response to more stringent cybersecurity regulations and data protection rules.
Contractual requirements: As part of their risk management framework, businesses, particularly in the BFSI and IT sectors, now demand that partners and vendors obtain cyber insurance.
Risk assessments: Businesses are proactively identifying weaknesses and obtaining insurance before problems arise.

Eva Saiwal, Head of Liability Insurance at Policy Bazaar for Commercial, notes that “cyber insurance has evolved from a niche product to a business necessity.” The nearly 100% renewal rate suggests that businesses consider it essential. Cyber insurance is now a crucial component that facilitates business continuity in addition to financial recovery. Building a robust digital ecosystem will require incorporating insurance into cyber risk management plans as cyber threats increase.