Achive.php Cyber News Archives - Page 9 of 13 - The Cyber Shark
Contributor

Cyber News

Digital arrests, cyber crimes tripled during 2022-24, govt tells Parliament

Digital arrest scams in India tripled from 2022 to 2024, with losses soaring 21 times to Rs 19,35.51 crore. The government blocked suspicious accounts and launched awareness campaigns to curb cybercrime. The Rajya Sabha was notified on March 12, 2025, that the number of digital arrest scams and associated cybercrimes in the nation nearly tripled in the middle of 2022 and 2024, with the amount of money deceived increasing by 21 times during that time. The Minister of State for Home Affairs, Bandi Sanjay Kumar, answered a question by giving details about digital arrest frauds and related cybercrimes that have been reported on the National Cybercrime Reporting Portal (NCRP) during the previous three years. 39,925 of these occurrences were recorded in 2022, with the total proceeds of the fraud amounting to Rs 91.14 crore. The overall amount of cheated money recorded on the portal increased by an astounding 21 times to Rs 19,35.51 crore in 2024, while the number of such cases nearly tripled to 1,23,672. Data shows that 17,718 incidents totalling Rs 210.21 crore in fraud were reported up to February 28 in the first two months of 2025. “Cybercrime incidents reported for digital arrest on this portal, their conversion into FIRs and subsequent action thereon are handled by the state/UT law enforcement agencies concerned, as per the provisions of the law,” Kumar said. The Union Home Ministry’s Indian Cyber Crime Coordination Centre (I4C) has proactively detected and blocked around 3,962 Skype IDs and 83,668 WhatsApp accounts that are used for digital arrest, the minister stated. In 2021, the Citizen Financial Cyber Fraud Reporting and Management System was introduced under I4C to prevent financial fraudsters from stealing money and to enable prompt reporting of financial frauds. “nearly 13.36 lakh complaints have resulted in savings of nearly Rs 4,386 crore to date. For assistance in filing online cyber complaints, a toll-free helpline number, 1930, has been operationalized, according to Kimar. According to the minister, I4C and the Department of Telecommunications (DoT) have started a caller tone campaign to increase awareness of cybercrime and promote the NCRP and helpline number 1930 to combat the threat. “The caller tune is also being played in regional languages, delivered 7-8 times a day by the telecom service providers (TSPs),” the minister said. The Central government and the TSPs have developed a method to detect and reject incoming overseas spoof calls that display Indian mobile numbers and seem to be coming from within India, Kumar said in response to a second inquiry about the matter. “TSPs have received instructions to block these inbound international fake calls. According to police officials, the Indian government has blocked 2,08,469 IMEIs and about 7.81 lakh SIM cards as of February 28, 2025,” Kumar stated. The minister responded to a follow-up question by stating that on September 10, 2024, 14C, in partnership with banks and financial organizations, established a suspect registry of cyber criminals for digital arrest. “So far, more than eight lakh suspect records and over 20 lakh mule accounts have been shared with the participating entities of the suspect registry, saving more than Rs 2,889 crore,” Kumar said.

Elon Musk claims ‘massive cyber-attack’ caused X outages

Elon Musk

Elon Musk claimed a “massive cyber-attack” caused X outages on March 10, 2025, with possible ties to Ukraine. The disruptions occurred alongside ongoing challenges facing his businesses, including Tesla protests and a SpaceX rocket failure. On the afternoon of March 10, 2025, Elon Musk asserted that X was the victim of a “massive cyber-attack” that caused sporadic service interruptions that shut down his social network all day. For many users, the platform—formerly known as Twitter—had been sluggish, with posts failing to load. The CEO of the site wrote, “This was accomplished with a lot of resources, but we get attacked every day.” “Either a nation or a sizable, well-organized group is involved.” Thousands of reports of outages that first rose at around 5.45 am before settling down for a few hours were displayed by Down Detector, a tool that tracks outages on different websites and platforms. Midway through the day, there was a second spike in reported failures, most of which were on the company’s mobile app. When a tweet didn’t show up, it said “something went wrong” and advised users to try loading again. The world’s wealthiest guy made assertions without supporting documentation. In response to a Bitcoin influencer who implied that the downtime mirrored earlier criticism of Elon Musk businesses, he posted. Over the past week, there have been vandalism attacks against Tesla dealerships and protests against the so-called “Department of Government Efficiency” project that Musk oversees. In an interview with Fox Business later that day, Musk reiterated his claim of a hack and speculated that the assailants may have been Ukrainian. According to Elon Musk, “A massive cyber-attack was launched to try to bring down the X system with IP addresses originating in the Ukraine area, but we’re not exactly sure what happened.” As ties have worsened between the Ukrainian government and the Trump administration, Musk has been harshly critical of it. Musk claimed over the weekend that if he shut down his Starlink satellite communications provider, the nation’s “entire front line” would fall apart. He also referred to Democratic Senator Mark Kelly as a “traitor” when the politician shared his trip to the country on social media. The CEO of SpaceX, who paid $44 billion to acquire Twitter in 2022, has also asserted that cyberattacks were to blame for earlier platform disruptions. Last year, Elon Musk claimed that a “massive DDOS attack” was to blame for the near-instantaneous meltdown of his live-streamed discussion with Donald Trump. The Verge was later informed by a company source, however, that there was no attack. The X outages are only one of many problems Musk’s companies and projects have been dealing with lately. One of Musk’s SpaceX rockets burst in midair on March 7, 2025, showering debris in the vicinity of the Bahamas. Tesla customers are selling their cars, the company’s stock price dropped on 10 March 2025 to its lowest level in months, and his auto company’s showrooms have been the subject of an Over the past week, there have been numerous “Tesla takedown” protests across the country. Following a heated meeting with Elon Musk and his cabinet secretaries, Trump said he might limit Elon Musk authority over government employees, whom the entrepreneur has fired in large numbers from some departments.

I4C’s ‘Pratibimb’ Module Revolutionizes Cybercrime Investigations with 6,000+ Arrests

Pratibimb

The ‘Pratibimb’ module provides jurisdictional officials with visibility into the locations of offenders and crime infrastructure. The Lok Sabha received notice on March 11, 2025, that the Indian Cyber Crime Coordination Centre (I4C) of the Union Home Ministry had introduced the ‘Pratibimb’ module, which tracks the whereabouts of criminals and has led to 36,296 requests for help with cyber investigations, 17,185 linkages, and 6,046 accused arrests. Bandi Sanjay Kumar, Minister of State for Home Affairs, responded to a query by stating that ‘Samanvaya‘, a platform for information sharing and analysis on cybercrimes, has been introduced for Law Enforcement Agencies (LEAs). According to him, it offers data on the perpetrators and crimes linked to interstate connections in cybercrime complaints from different States and UTs. The ‘Pratibimb’ module maps the locations of offenders and crime infrastructure, giving jurisdictional officials visibility. Law Enforcement Agencies can more easily request and receive techno-legal support from I4C and other SMEs thanks to this module. 36,296 requests for assistance with cyber investigations, 17,185 links, and 6,046 accused people have been arrested as a result,” the Minister stated. He went on to say that I4C is an affiliated office established by the Ministry to coordinate and fully address all forms of cybercrimes in the nation. The state-of-the-art ‘National Cyber Forensic Laboratory (Investigation)’ was established as part of the I4C in New Delhi to provide early-stage cyber forensic support to State/UT Police Investigating Officers (IOs). According to him, the National Cyber Forensics Laboratory (Investigation) has so far assisted State/UT LEAs in about 11,835 cybercrime cases.

Cyber fraud losses in India have surged nearly 10-fold in a decade: finance ministry

Cyber fraud

Losses from Cyber fraud have more than doubled in just ten years, said Pankaj Chaudhary, Minister of State in the Union Finance Ministry, who made this announcement on 10 March 2025. Responding to a question in the Lok Sabha, Mr Chaudhary said losses due to cyber frauds would increase from ₹18.46 crore in 2014-15 to around ₹177.05 crore in 2023-24. Last year, the cost of cyber scams during the first nine months of 2025 (April-December 2024) was ₹107.21 crore. He noted that the number of cyberfrauds involving ₹1 lakh or more increased from 815 in FY15 to 29,082 in FY24. This figure was 13,384 during the first nine months of FY25. Chaudhary stated, “Incidences of fraudulent practices, including digital payment frauds, have also increased in the last few years due to the country’s growing number of digital payment transactions.” The Indian Cyber Crime Coordination Centre (I4C) of the Union Ministry of Home Affairs estimates that over ₹1.2 trillion will be lost by Indians due to cyber fraud in the coming year. The National Cybercrime Reporting Portal and the National Cybercrime Helpline Number (1930) have been established by the Union Home Ministry to assist victims of cybercrime, Chaudhary stated. According to him, the Department of Telecommunications has also launched the Digital Intelligence Platform and the “Chakshu” feature on the Sanchar Saathi website to allow people to report alleged fraudulent communications they have received through WhatsApp, SMS, or phone calls, including messages about bank account updates or KYC expiration. However, Chaudhary assigned the responsibility of preventing, detecting, investigating, and prosecuting crimes—including cybercrime—to states and union territories. “Through financial assistance and advisory services under various schemes for the capacity building of their LEAs (law enforcement agencies), the Central government complements the initiatives of the states/UTs,” he stated. By issuing alerts and advisories and conducting cybersecurity mock drills to enable evaluation of an organization’s readiness and cyber security posture, the Indian Computer Emergency Response Team (CERT-In) takes a number of steps to ensure the safe use of digital technologies and prevent cyber frauds, he continued.

Odisha Crime Branch’s Discover Rs. 87 Lakh Investment Fraud; Delhi Arrests Key Accused

Bengal Police

The Odisha Crime Branch’s Criminal Investigation Department (CID) Cyber Crime Unit has successfully solved an investment fraud case, leading to the arrest of a major suspect in the Rs. 87 lakh scam. The victim, who worked for a private company, was added to the “101 Stock Discussion Group” WhatsApp group, where scammers pretended to be professors and other colleagues. By offering phoney stock trading advice, initial public offering (IPO) advice, and investment plans, they deceived the victim into making many deposits totalling about Rs. 87 lakh into different bank accounts. Mrs Vandana Bawa was captured in South Delhi by the CID Cyber Odisha Crime Unit following a comprehensive investigation that included the analysis of digital evidence and transaction data. An investigative team under the direction of Additional SP Ritesh Kumar Mohapatra made the arrest feasible. The accused would be transported to Odisha Crime on transit remand after appearing in the local court in Saket, New Delhi. The investigation team confiscated some incriminating items, such as a PAN card, an Aadhar card, an Indian SIM card, and a cell phone. After several bank accounts were closed, the complainant received a return of Rs. 10 lakh. The accused’s bank account was connected to two further cyber incidents in Gujarat and Kerala, according to an additional investigation of Odisha Crime. The CID is pursuing the money trail, other accomplices, and the crime’s trans-Indian repercussions. People are advised to exercise caution when they see unsolicited investment proposals on messaging applications and social media. To prevent being a victim of cyber scams, always confirm before investing. Report such issues to the local police station or the 1930 Cyber helpdesk. Protect Yourself Against Fraud Be wary of unsolicited messages and groups. Verify the authenticity of investment opportunities. Report suspicious activities immediately.  

Tamil Nadu DGP’s Shreya Ghoshal Warning To Netizens

DGP

DGP Sandeep Mittal Alerts Public About Scams Involving Fake Advertisements and Compromised Celebrity Accounts on X Social media users on X (previously Twitter) have received a warning from Sandeep Mittal, the Additional Director General of Police for the Cyber Crime Wing in Tamil Nadu. He warned that false advertisements and news clips showcasing singer Shreya Ghoshal appeared on the network with dramatic headlines and deceptive connections to websites. In addition, the logos of prominent news outlets are displayed in these posts, which might easily fool readers. Sandeep Mittal, the ADGP, used X to spread the word about the problem. “Scam traps to lure the public into cyber scams are verified @X handles with 10 to 15 followers that promote Shreya Ghoshal ads,” he said. Stay vigilant and stay safe. @X ought to have a system in place to identify and stop handles that are overtly engaging in illegal activity. In the past, well-known singer Shreya Ghoshal alerted fans on Instagram that her X account had been compromised. “Hello friends and fans,” she wrote. Since February 13th, my Twitter/X account has been compromised. I have made every effort to get in touch with the X team. However, except for a few automatically created texts, there has been no response. I can’t log in anymore, so I can’t even deactivate my account.” People are urged to exercise caution and stay away from bogus links or messages from her hijacked account, as per her statement and the ADGP’s warning. Other celebrities have also been impacted by computer attacks, in addition to Shreya Ghoshal. Actor Swara Bhasker and comedian Tanmay Bhat both cited instances earlier this year in which their X accounts were compromised and used to disseminate fraudulent links.

Gurugram: 7 people held for duping people over ₹87 crore in cyber frauds

Gurugram

Seven Cybercriminals Arrested in Gurugram for Defrauding Over ₹87 Crores in Nationwide Scam The accused were implicated in some cybercrimes, according to the police, including impersonation, cyberbullying, stalking, and fraudulent investment schemes. According to officials on 05 March 2025, seven cybercriminals who were apprehended by the Gurugram cyber police in the past two months allegedly defrauded hundreds of individuals nationwide out of over ₹87 crores. Police said they found three SIM cards, seven mobile phones, and ₹7.60 lakh in cash in their possession. The accused were implicated in some cybercrimes, according to the police, including impersonation, cyberbullying, stalking, and fraudulent investment schemes. According to Assistant Commissioner of Police (Cyber) Priyanshu Dewan, 399 cases and 10,956 complaints have been filed against the accused nationwide. Six of these instances are in Gurugram, out of the 22 cases reported in Haryana. In the past two months, all of the defendants have been taken into custody. Sonu Kumar, Ishwar, Sunil Kumar, Pawan Kumar Sharma, Neeraj, Salim, and Priya Mishra were their names, he said. Police examined data from the Indian Cyber Crime Coordination Center (I4C) and discovered that the seven cybercriminals had scammed victims nationwide out of ₹87.06 crores. The ACP stated that more research is being done on the subject.

Massive Data Leak: AI Training Data Contains 12,000 API Keys and Passwords

Massive Data Leak

Massive Data Leak : Researchers Discover Over 12,000 Exposed Credentials in Common Crawl, Highlighting Major Security Vulnerabilities for AI Models Massive Data Leak : Researchers at Truffle Security have identified approximately 12,000 valid API keys and passwords in the Common Crawl dataset, a large open-source online archive utilized for training artificial intelligence models. The dataset, which comprises petabytes of online data collected since 2008, is widely used by OpenAI, Google, Meta, Anthropic, Stability AI, and other organizations. Findings: Slack Webhooks, MailChimp API Keys, and AWS Root Keys were made public. In the December 2024 Common Crawl archive, Truffle Security examined 400 terabytes of Massive Data Leak from 2.67 billion web pages and discovered 11,908 legitimate login credentials that developers had hardcoded onto open websites. The following were among the revealed secrets: Root keys for Amazon Web Services (AWS) Almost 1,500 MailChimp API keys were leaked in JavaScript and front-end HTML. One of the WalkScore API keys was used 57,029 times in 1,871 subdomains. Slack webhooks: 17 distinct live webhook URLs are displayed on a single page. The disclosure presents a significant security concern because hackers may use these credentials to perpetrate phishing scams, impersonate brands, and illegally access private information. How Did the Secrets Get Exposed? Developers chose to hardcode API keys and credentials into JavaScript and front-end HTML rather than utilizing server-side environment variables, which led to the leak. These secrets were exposed  Massive Data Leak to the public through such coding techniques, leaving them open to abuse. Sensitive information may still be incorporated into LLMs, thereby affecting their behaviour, despite efforts to filter and clean AI training datasets. Security Implications for AI and the Web Truffle Security’s observation that 63% of the secrets found were reused on several websites raised concerns over pervasive unsafe coding techniques. The researchers cautioned that AI models educated on such data may unintentionally include security flaws, posing unanticipated threats. To minimize possible harm, Truffle Security responded by contacting the impacted vendors and assisting them in rescinding or rotating thousands of compromised API keys. Call for Better Security Practices The results are a wake-up call for AI researchers and developers to implement more stringent security protocols. Important actions to prevent similar situations include avoiding hardcoded credentials, implementing environment variables, and performing frequent security audits. As AI models develop, the cybersecurity sector continues to face a significant hurdle: ensuring that training datasets are free of sensitive data.

Hackers Target Lucknow Family with Identity Theft and Threatening Messages; Police Launch Investigation

Hackers Target

In Lucknow, Hackers Target Family with Identity Theft and Threatening Messages; Police Launch Investigation into Phone Compromise and Personal Data Theft. In Lucknow, a man and his family fell prey to digital fraud in a startling cybercrime case. Threats were made, personal information was stolen, and their phones were compromised. A formal report (FIR) has been made by the police under Section 66C of the Information Technology (Amendment) Act, 2008, alleging identity theft and unauthorized access to electronic devices. Hackers target a man named Vikram Chopra and his family in a high-profile cybercrime case that was publicized in Hussainganj, Lucknow. The FIR, filed on February 28, 2025, claims that numerous of Vikram’s and his family members’ mobile phones were compromised by unidentified cybercriminals on January 17, 2025. How the Cybercrime Unfolded Vikram Chopra, a resident of Lucknow’s Sarvapalli Mall Avenue, claimed that his family and he had been the victims of strange activity on their mobile devices. The criminals tried to abuse their gallery files and personal information in addition to gaining illegal access to their phones. Vikram’s complaint claims for Hackers target that his family members received threatening texts that hinted at more blackmail and internet abuse. On January 20, 2025, Vikram reported the incident right away to the Cyber Cell because he was worried about his privacy and safety. He then took it to the Chief Minister’s complaints page. Police Experiment and Legal Action Section 66C of the Information Technology Act, 2008, which addresses identity theft and illicit digital access, was used by the Hussainganj police to file a formal case after receiving the complaint. Inspector Shamsher Bahadur Singh has been assigned as the case’s investigating officer and will be in charge of the investigation into the identity and methods of the hackers. The case has been formally logged, and a comprehensive investigation is in progress, according to the FIR. Prof. Triveni Singh, Ex-IPS and Cybercrime Expert, stated: Such incursions can be made possible by sophisticated malware, such as OS-specific spyware and APK files. SMS, WhatsApp messaging, email attachments, and even physical infiltration can all be used to infect devices. It takes thorough malware forensics to find the culprits or the infection’s origin. To effectively tackle such cyber threats, law enforcement must recruit the assistance of private virus analysis specialists because police skills are currently restricted. The Increasing Risk of Cybercrime India’s increasing cyber threats for Hackers target are further highlighted by this occurrence. Authorities are warning people to adopt the following essential cyber hygiene precautions because it is becoming common for digital technology to be misused to compromise personal security: Avoiding unknown links and suspicious emails Regularly changing passwords to secure Hackers target Enabling two-factor authentication Reporting cyber frauds immediately to law enforcement agencies Stronger digital security measures and rigorous law enforcement are more important than ever since fraudsters become more savvy.

Doctor Loses Rs 6 Lakh to Cybercriminals Through Malicious APK File and 30 OTPs

Doctor Loses

Doctor Loses Rs 6 Lakh in Cyber Scam After Downloading Malicious APK File Posing as Bank KYC Update Raipur: A doctor loses more than Rs 6 lakh from his savings account and fixed deposits after falling victim to a sophisticated cyber scam. The scammers lured him into downloading a malicious APK file that posed as an IndusInd Bank KYC update. The event took place at the Sarasvati Nagar police station. Fraud via APK File Doctor Satish Rajput, who works at a private hospital in Samta Colony, complained that he received a message on his phone between February 23 and February 26 with a link titled “IndusInd KYC APK.” Unaware that the file was downloaded to his phone, he accidentally tapped on the link, thinking it was a genuine KYC update request from the bank. He had no idea that the APK file was a malicious program that gave hackers access to his mobile device. Suddenly, on February 27, he began receiving many OTP messages on his phone while he was at a mall seeing a movie. Approximately thirty OTPs were generated in a brief amount of time, and funds started to drain from his account. Hackers stole his money even though he didn’t give anyone the OTPs. Massive Financial Loss Dr Rajput claims that a total of Rs 6 lakh was taken out of his bank accounts, which included several fixed deposits and his savings account. The following is a breakdown of the amount stolen: Rs 1,92,000 from his savings account Rs 2,00,000 from one fixed deposit Rs 1,80,000 from another fixed deposit Rs 28,000 from a third fixed deposit On March 1, as soon as he realized he had been deceived, he notified the police. The Saraswati Nagar police have begun investigating the scammers and are working to locate them. Rising Cybercrime Tactics Doctor loses a significant sum in this instance, which demonstrates the rising practice of fraudsters accessing bank accounts without authorization using APK file scams. In such cases, doctor loses hard-earned savings as cybercriminals constantly devise new ways to defraud gullible people. Authorities have also recently issued warnings against call-merging scams, in which con artists pretend to be friends and combine calls to intercept OTPs and cause financial losses—yet another method through which a doctor loses money and peace of mind. Police Advisory The public is advised by authorities to refrain from downloading unfamiliar APK downloads, confirm any correspondence about their banks directly with their banks, and promptly report any strange calls or messages to the cybercrime helpline 1930.