Cyber News Archives - Page 3 of 13

Andhra police arrest international cyber fraud syndicate, 33 held

Andhra police busted an international cyber fraud ring posing as Amazon support, arresting 33 and seizing tech gear and cash. The gang targeted US citizens via VoIP scams. An alleged worldwide cyber fraud gang based in Achyutapuram, Andhra Pradesh, has been busted by the police, who have arrested 33 individuals and confiscated expensive tech equipment and Rs 3 lakh in cash. Following a Village Revenue Officer’s report and information, Anakapalli district Deputy Superintendent of Police (DSP) Vishnu Swaroop conducted concurrent searches at three key locations on 22 May. Computers, network equipment, and upscale furniture were among the items confiscated. Swaroop told PTI on Friday that this was a full-fledged contact centre that used Amazon support as a front to target US individuals with impersonation and Voice Over Internet Protocol (VoIP) fraud. Police claim that job seekers were recruited via internet job boards, educated in impersonation tactics, and then used in scam calls to obtain private financial data from US citizens. Food and lodging were given to the recruits, who were primarily from Assam and northeast India. He claimed that after a week of training, they were on calls the following week. The fraud had four layers: managers, American bank representatives, and dialers impersonating Amazon assistance used “gift card redemptions” and other strategies to trick unsuspecting Americans.

Adidas Confirms Data Breach Exposing Customer Contact Information

Adidas Data Breach claims that a hack using a third-party service resulted in the theft of customer contact information. Payment information and passwords were not stolen. Adidas has revealed that its customers’ personal information was taken in a cyberattack. According to the sportswear giant, “certain consumer data” that “mainly consists” of the contact details of those who have interacted with its support desk was stolen by crooks. Adidas asserts that passwords and credit card credentials were not compromised in any way. “We remain fully committed to protecting the privacy and security of our consumers, and sincerely regret any inconvenience or concern caused by this incident,” it wrote on its blog. It makes sense that Adidas customers would be concerned that hackers may try to use their data, thus it’s critical that Adidas offers precise and timely updates to affected shoppers and supports them in taking steps to protect themselves,” said Lisa Barber, of the consumer advocacy organisation Which? She suggested that those who may be impacted closely monitor their credit reports and bank accounts for any unusual activity. They should also be cautious of unexpected calls, emails, or social media posts claiming to be related to the hack, she said, as these could be scammers attempting to profit from the cyberattack. It comes as significant hacks have attacked retailers like Co-op and Marks & Spencer. There is no evidence that Adidas has experienced a comparable circumstance to theirs, in which the intrusions caused significant disruptions to business operations. “Adidas recently became aware that an unauthorised external party obtained certain consumer data through a third-party customer service provider,” stated the business. “We collaborated with leading information security experts as quickly as we could to contain the problem and start a comprehensive investigation. “Adidas is in the process of informing potentially affected consumers as well as appropriate data protection and law enforcement authorities consistent with applicable law.” Since April 2025, a number of cyber events have been reported, and some specialists have discovered connections between them. Police in the UK are investigating the possibility that the M&S cyberattack was caused by Scattered Spider, a well-known group of English-speaking hackers. Hacks on the Co-op and Harrods are thought to have been carried out by the same group, but M&S was most severely affected. According to M&S, the company will lose around a third of its profit as a result of the cyberattack. There is no indication that this group is responsible for the Adidas data hack. However, the company disclosed earlier this month that data breaches had occurred in other areas of its global empire, including its South Korean and Turkish arms.

Odisha Police Train 700 Officers in Digital Investigation Techniques

Odisha Police: Around 700 police investigating officers from Odisha’s Eastern Range attended a digital investigation workshop on May 21, 2025, to enhance skills in e-investigation, evidence management, and case documentation. The initiative reflects Odisha Police’s commitment to modernising law enforcement through technology. Odisha’s Balasore (PTI) On May 21, 2025, around 700 police investigating officers (IOs) attended a workshop on the latest methods and knowledge in digital investigation, evidence management, and case documenting. The State Crime Records Bureau (SCRB) conducted a workshop for the IOs of the districts of Balasore, Bhadrak, and Mayurbhanj on e-investigation, e-sakshya, and e-sign, according to Satyajit Naik, DIG Eastern Range. The DIG stated, “The training aimed to equip IOs with the latest skills and knowledge in digital investigation, evidence management, and case documentation.” The police department uses technology to improve the efficacy and efficiency of investigations, which ultimately ensures the delivery of justice. According to the DIG, this project demonstrates the Odisha Police’s dedication to implementing creative solutions and keeping up with the most recent advancements in law enforcement. He stated that this capacity-building operation is expected to have a good effect on crime investigation and public service delivery in the area, and that the Eastern Range Police stand to gain enormously from it.

SRM University and Officers Training Academy sign an MOU

SRM University: SRM Institute of Science and Technology and the Officers Training Academy, Chennai, signed an MoU on May 26, 2025, to launch a diploma program in Cyber Security and IT for officer cadets. The initiative aims to enhance cadets’ technical skills and digital readiness for modern defence challenges. On May 26, 2025, the Officers Training Academy in Chennai and the SRM Institute of Science and Technology signed a Memorandum of Understanding to provide its officer cadets with additional training through a diploma program in Cyber Security and Information Technology. The program is intended to cover important topics including cybersecurity, data protection, and IT principles, according to a Defense announcement. The Memorandum of Understanding documents were signed by Officers Training Academy (OTA) Commandant Lt Gen Michael AJ Fernandez and Vice Chancellor Dr. C Muthamizh Selvan at the Officers Training Academy headquarters here. During his speech, Lt. Gen. Michael Fernandez stated that the days of thinking about warfare without utilising new technologies were long gone. He also urged the officer cadets to continue learning to stay up to date with the changes. He conveyed his expectation that the new course will empower future army commanders with cybersecurity and information technology capabilities, giving them the technical know-how and digital competency needed in the quickly evolving defence environment of today. SRM IST Vice Chancellor Dr. Muthamizh Selvan stated in his speech that the OTA officer cadets are welcome to use the university’s laboratories for their research and projects. Selvan maintained that it is time for educational establishments to transition from rigidity to flexibility and from tradition to innovation.

Department of Telecommunications Launches FRI Tool to Detect Risky Mobile Numbers in Cyber Frauds

The Department of Telecommunications has launched the Financial Fraud Risk Indicator (FRI) to help banks and payment platforms identify risky mobile numbers linked to cyber fraud. Platforms like PhonePe, Paytm, and Google Pay are integrating the tool to enhance transaction security. The Financial Fraud Risk Indicator (FRI), a new multi-dimensional analytical tool created as part of the Department of Telecommunications’ (DoT) Digital Intelligence Platform (DIP), was unveiled on Wednesday. Its purpose is to assist financial institutions in preventing cyber fraud by providing them with advanced, actionable intelligence. In order to combat financial crime and cyber fraud, FRI facilitates improved intelligence sharing with banks, UPI service providers, and other financial organizations. A cell phone number can be categorized as having a Medium, High, or Very High risk of financial fraud using this risk-based criteria. In the event that a mobile number is deemed to be at high risk, the action is expected to assist banks, non-banking financial institutions, and UPI service providers in giving enforcement top priority and implementing further client protection measures. The digital payment provider PhonePe, which was among the first to implement FRI, has utilised it to reject transactions associated with Very High FRI mobile numbers and to show a notice on the screen as part of the PhonePe Protect feature. According to the DoT, PhonePe is working to show a proactive user alert for Medium FRI numbers before authorising the transaction. PhonePe, Paytm, and Google Pay, which collectively manage over 90% of UPI transactions, have begun integrating DIP notifications into their systems, the DoT claims. Fraud detection According to the department, “this classification is the result of inputs obtained from various stakeholders, including intelligence shared by banks and financial institutions, reporting on DoT’s Chakshu platform, the National Cybercrime Reporting Portal (NCRP), and the Indian Cyber Crime Coordination Centre (I4Cs). The list of mobile numbers that were disconnected due to their involvement in cybercrime, failure to re-verify, and violating limitations is shared by the DoT every month. Financial fraud also frequently uses these numbers. The life of a cell number used in cyber frauds is usually a few days, and complete verification might take several days, therefore, the DoT believes that an advanced signal of risk associated with such numbers is quite important. As a result, when a stakeholder flags a suspected mobile number, it is subjected to multi-dimensional analysis, which determines whether it carries a Medium, High, or Very High financial risk. It is then promptly shared with all stakeholders via DIP.

Massive Facebook Data Leak Exposes 1.2 Billion User Records, Hacker Claims

Facebook Data: A hacker claims to have leaked data from 1.2 billion Facebook users, including emails, phone numbers, and more. Researchers verified part of the sample, raising concerns about Meta’s data security and ongoing scraping issues. In response to Cyber News, Facebook’s parent company, Meta, sent a brief message along with a link to a newsroom article from four years ago titled “How we combat scraping.” “This assertion is not new. A Meta representative stated, “We revealed this years ago and have since taken action to stop such events from occurring. Meanwhile, looked into a data sample that had information on 100,000 distinct Facebook user records that the attackers had added to the post. The data seems valid based on the contents of the sample rather than the entire dataset. The team claims that the dataset consists of: User IDs Names Email addresses Usernames Phone numbers Locations Birthdays Genders Researchers advise exercising caution regarding the veracity of the attacker’s claims regarding “1.2 billion Facebook user records,” despite the fact that they are remarkable. For starters, this is only the second post the attackers have ever made that contains alleged Facebook records that were scraped. Although the quantity was substantially smaller, data purportedly collected from Facebook was also included in another attacker’s post. Researchers speculated that after publishing one post, they were able to extract further data to reach 1.2 billion entries. The social networking site would flag another case of user data being scraped in bulk if the Facebook data scrape were verified. According to the team, this calls into doubt the company’s stance on the protection of consumers’ personal information. Recurring incidents indicate a tendency toward reactive security measures as opposed to proactive ones, especially when it comes to safeguarding critical yet publicly accessible data. Millions may be vulnerable to phishing, scams, identity theft, and long-term privacy problems due to the absence of more robust protections and transparency, the researchers stated. A dataset of that size can be used in a variety of ways by threat actors since it makes it simple for hackers to automate attacks, releasing hordes of bots that target each user in the dataset with minimal human intervention. Since malicious actors are aware that the email addresses in the dataset belong to Facebook members, they can utilise one of the several Facebook phishing methods to target Facebook users. Threat actors frequently try to use APIs for malicious ends. Attackers targeted Shopify, GoDaddy, Wix, and OpenAI’s APIs earlier this year. Actors with financial motivations frequently try to misuse the same method to gain access to cryptocurrency wallets. “A pattern of reactive rather than proactive security measures is evident in repeated incidents, especially when it comes to safeguarding sensitive but publicly visible data.” Since APIs enable communication between various services, the majority of well-known services would not be possible without them. Attackers, however, manage to leverage lawful APIs for malicious ends, such as retrieving significantly more data than the software applications were designed to do. Facebook data scraping is not unheard of. For instance, Meta acknowledged last year that it had used publicly available Facebook and Instagram data to train its AI virtual assistant. In 2021, however, a different hacker shared details about more than 500 million Facebook users, including locations and phone numbers. The Irish Data Protection Commission (DPC), the European Union’s top data privacy body, fined Meta €265 million ($266 million) for the leak.

Meet the Teen “Cyberterrorist” Who, During Operation Sindoor, Waged a Digital War Against India

Cyberterrorist: An 18-year-old from Gujarat was arrested for leading over 50 cyberattacks on Indian government websites during Operation Sindoor. Authorities suspect online radicalisation and possible foreign influence behind the coordinated digital assault. AHMEDABAD Jasim Shahnawaz Ansari, an 18-year-old from Nadiad, was detained by the Gujarat Anti-Terrorism Squad (ATS) for reportedly planning more than 50 assaults on Indian government websites, a development that has shocked the country’s cybersecurity scene. After India began Operation Sindoor in May 2025 as a military response after a terror incident in Pahalgam, the attacks allegedly became more intense. Officials claim that Ansari and other young people organised Distributed Denial of Service (DDoS) attacks using free tools obtained from websites such as GitHub and Termux in a group named AnonSec on Telegram. Among the targets were important government agencies in the fields of finance, urban development, aviation, and defence. On hacked websites, they frequently displayed anti-national statements such as “India may have started it, but we will be the ones to finish it.” Open-Source Weapons: A Cybercrime How-To According to investigators, the group learned Python programming and carried out attacks using open-source software and YouTube tutorials. Ansari allegedly overloaded government servers with digital traffic using programs like PyDroid. According to the ATS, the group boasted about their crimes in internet chat rooms after learning how to use websites like checkhost.net to confirm the effectiveness of their attacks. Even though many of the attacks were simple, intelligence services were alarmed by their sheer number and timing, which coincided with Operation Sindoor. After detecting discussion on online forums about India’s military operations, the Gujarat ATS began surveillance and monitoring. Eventually, they concentrated on the Telegram channels where attack plans were publicly discussed. Radicalisation, Recruitment, and the Juvenile Web Investigators have been taken aback not only by the attacks’ boldness but also by the target demographic. Ansari, a science student in class twelve who failed recent tests, is among an increasing number of young people engaged in cyber subversion. At least one further 17-year-old kid is being investigated, according to ATS officials. The ATS is currently investigating whether these kids acted on their initiative or with the support of foreign operators. “There is a chance that hostile outside forces could have an impact. A top ATS official stated, “We are looking at digital footprints to find any deeper affiliations.” Cyberterrorism-related FIRs have been submitted following Sections 43 and 66F of the IT Act. The arrest of a teenager responsible for such coordinated cyberattacks raises alarming concerns about online radicalisation, national resilience, and the ease with which the young and enraged can weaponise digital India is confronted with a complex threat matrix that includes both digital and physical fronts in its conflict.

Mumbai News: Man Arrested In ₹67 Lakh Cyber Fraud Targeting Elderly Sisters; Hunt on for Mastermind

Mumbai Police arrested Mohit Bhojraj in a ₹67 lakh cyber fraud case targeting two elderly sisters, with the mastermind Salid Mohammed Shaikh still at large. The victims were lured through a fake investment scheme on WhatsApp, promising high returns. A man from Dahisar has been taken into custody by the Mumbai Police’s South Cyber Cell about a ₹67 lakh cyber scam involving two elderly sisters. Mohit Akash Bhojraj has been recognised as the offender who was apprehended. Officials claim that Mohit maintained continuous communication with Salid Mohammed Shaikh, a well-known cyber fraudster who lives in Bengaluru, Karnataka, and is currently a sought-after suspect in the investigation. According to investigations, Mohit gave Shaikh access to 19 bank accounts, which were purportedly used to embezzle the stolen money. The cyber cell’s investigation to find the fugitive mastermind and follow the cash trail is still ongoing. The complaint claims that after investing in a financing company, the victims, two sisters living in Girgaon with their mother, were joined to a WhatsApp group in January 2025. A lady named Shruti Baheti ran the organisation and frequently shared information about profitable investment possibilities. Shruti posted conversation logs and screenshots purporting to show off earnings from prior investments in an attempt to win members’ trust. With the promise of large returns, Shruti persuaded one of the sisters to participate in a “block share deal” via direct messaging on January 21. The woman made a sizable investment after opening an account with the finance company. Following the first profits, her sister joined the organisation and invested as well. The sisters contributed a total of 67.15 lakh rupees. Their investment portfolio was reported to have increased to ₹1.88 crore shortly after. However, the transaction failed when they tried to withdraw ₹50 lakh. When asked, Shruti stated that before the money could be released, a tax payment was necessary. The sisters realized they had been duped at that point and filed a formal complaint. Mohit Bhojraj has been taken into custody by the cyber cell, which is also actively pursuing the other defendants, including the mastermind Salid Mohammed Shaikh. Investigations are still under progress.

New e-Zero FIR system will expedite the capture of cybercriminals: Amit Shah

Union Home Minister Amit Shah launched the e-Zero FIR system to auto-convert major cybercrime complaints into FIRs, starting with a ₹10 lakh threshold in Delhi. The initiative, led by the I4C, aims to accelerate cybercriminal tracking and will soon expand nationwide. On May 19, 2025, Union Home Minister Amit Shah announced that the Indian Cybercrime Coordination Centre (I4C) of the Ministry of Home Affairs had started the new e-Zero FIR project to catch cybercriminals faster than ever before. According to him, the new mechanism, which was introduced as a trial project for Delhi, will automatically convert cyber financial crimes reported on the National Cybercrime Reporting Portal (NCRP) and hotline number 1930 to FIRs, first surpassing the threshold of Rs 10 lakh. The effort will soon be expanded throughout the entire country, according to the minister. “To apprehend any criminal with previously unheard-of speed, the MHA’s Indian Cybercrime Coordination Centre (I4C) launched the new e-Zero FIR scheme. “The new system, which was first implemented as a pilot project for Delhi, will automatically convert cyber financial offences reported to the NCRP or 1930 to FIRs, initially exceeding the 10 lakh threshold limit. The new technology, which will speed up investigations and crack down on cybercriminals, will soon be available to the entire nation,” Shah wrote on ‘X’. The home minister said the Modi government is bolstering the cybersecurity grid to build a cyber-secure Bharat. The I4C was established by the New Delhi MHA to provide law enforcement agencies with a framework and setting for coordinating and fighting cybercrime in its entirety. It is intended that the I4C will serve as the focal point for reducing cybercrime in the nation.

CLAT Counselling 2025: NLIU Bhopal adds a BSc LLB Cyber Security Hons program to the seat matrix

CLAT Counselling 2025: NLIU Bhopal has introduced a new BSc LLB (Hons) in Cyber Security program in the CLAT 2025 seat matrix, open only to science stream students. CLAT 2025 counselling registration began on May 17 and will continue until May 21 at 5 PM. CLAT Counselling 2025: The National Law Institute University (NLIU), Bhopal’s seat matrix has been revised, according to the Consortium of National Law Universities (CNLU). According to the announcement, NLIU has added a new program to its list of courses offered through the Common Law Admission Test (CLAT) 2025: BSc LLB (Honours) in Cyber Security. Additionally, the updated CLAT UG 2025 results were released. The consortium advised candidates who wish to apply for the recently introduced program to include it on their list of preferences when they go through the CLAT UG 2025 counselling procedure. Notably, only applicants who took the science stream in their 12th grade are eligible for this course. The NLIU, Bhopal brochure, which is accessible on the Consortium’s official website, has also been recommended to candidates. The authorities have made it clear that after the deadline, requests for preference adjustments will not be considered. Candidates can email the helpdesk at clat@consortiumofnlus.ac.in or phone 08047162020 between 10:00 am and 5:00 pm on all working days if they have any questions or need any assistance. The new seat matrix for CLAT UG applicants is shown below: Vertical Reservation B.A.LL.B. B.Sc.LL.B. All India General/Unreserved 52 26 All India EWS 12 6 All India SC 16 8 All India ST 20 10 All India OBC 14 7 Horizontal Reservation General/Unreserved of MP 26 13 SC of MP 8 4 ST of MP 10 5 OBC of MP 7 4 Women 30 15 All India PWD 5 3 NRI/NRI Sponsored 18 9 J & K Resident 2 2 Here is the revised CLAT PG seat matrix: Vertical Reservation LL.M All India General/Unreserved 30 All India SC 10 All India ST 12 All India OBC 8 Horizontal Reservation 15 SC of MP 5 ST of MP 6 OBC of MP 4 Women 18 All India PWD 3 The CLAT 2025 results were revealed by the Consortium in the meantime, and admissions counselling registration opened on 17 May at 4 PM. Until 21 May at 5 PM, candidates can still finish the registration procedure by logging into their official accounts.

Cyber News