Rise of Cybercrime in India: Reasons, Impacts & Safety Measures

 

The reel is frequently influenced by the real. Jamtara, an OTT series, was inspired by cyber fraud activities carried out in a remote part of Jharkhand. However, the script appears to need some tuning in the future. This is because cybercrime hotspots in India, such as Jamtara and Mewat, have spread outside the country's borders. 

According to a recent study conducted by the Indian Cyber Crime Coordination Centre, a part of the Union Home Ministry, approximately 45% of cybercrime cases targeting Indians originate in other South Asian nations, primarily Myanmar, Cambodia, and Laos. This is not to imply that the threat is minimal in India. 

The number of complaints about grey activities such as trading scams, phishing, and fake romance has risen dramatically, from 26,049 in 2019 to 7.4 lakh by April 2024. This year, the national cybercrime reporting system received over six lakh complaints, totaling almost Rs 1,800 crore in fraudulent money. 

Based on a study undertaken by an IIT Kanpur-incubated non-profit, financial fraud accounts for approximately 77% of cybercrimes between 2020 and 2023. There are additional risks: identity and data theft caused by cyber fraud can have long-term consequences such as a permanent debt footprint, as well as legal and security issues. Notably, the cybercrime network based in these South Asian nations has been deceiving Indians by using Indian SIM cards and fraudulent recruitment possibilities via messaging apps.

For example, the Indian embassy in Cambodia sponsored the extradition of 360 Indians. However, 5,000 citizens are alleged to be trapped there and forced to commit cybercrime against their fellow Indians. Last year, India was the 80th most targeted country for cybercrime. New Delhi must use diplomatic channels to communicate its concerns to these countries.

India has the second largest population of active internet users. However, the vast majority of them are unaware of internet fraud, making them easy targets for scammers. Other rising threats include privacy violations and sextortion. The expanding digital ecosystem needs a thorough understanding and mitigation of cyber threats. 

To prevent such mischief, legal loopholes must be fixed. However, there should be a balance between cybercrime prevention and overregulation so that access to the internet is not hampered while also protecting the privacy of users. Treading this fine line under an authoritarian rule can be difficult.

Cybercrime to Cost Global Economy $10.5 trillion By 2025

 

A report from Cybersecurity Ventures estimates that by 2025, cybercrime will have cost the global economy up to $10.5 trillion. According to a recent Gartner survey, by then, more than half of all cybersecurity assaults will be attributable to human error or a lack of talent.

What areas are most vulnerable, and how can consumers defend themselves against fraud and other online crimes? 

Small-scale companies 

Small firms are subject to three times as many cyberattacks as larger organisations, according to a Barracuda Networks analysis that Forbes highlighted. Often, employee training can stop these attacks. When compared to a company with more than a hundred employees, smaller businesses endure 350% more social engineering attacks. 

Threats exist in every sector, but reports suggest that user data is the target of the majority of attacks, which puts businesses in the retail and e-commerce, healthcare, and financial sectors at greatest danger. 

Productivity of employees 

Cyber threats not only put money at risk, but they also impact employee productivity. More than half of small firms said that after an attack, their website was down for up to 24 hours. Additionally, data breaches can increase workplace stress and lower the spirits of workers.

Healthcare 

Cyber attacks pose a serious threat to the healthcare sector. Based on research from Nozomi Networks, healthcare is one of the most often targeted areas for cyberattacks, despite the fact that healthcare organisations in the U.S. must strictly adhere to specific regulations, known as HIPAA laws, to protect patient data. 

Banking and finance 

The financial services sector is more vulnerable to cyberattacks than many other industries. Financial institutions are 300 times more likely to be the target of cyberattacks than other kinds of organisations, according to a Boston Consulting Group analysis. Based on an IBM X-Force survey, 71% of those attacks are directed at banks, and 16% are directed at insurance companies. 

Safety measures

Businesses have a responsibility to deploy cybersecurity protective measures to safeguard their customers. However, you may also help to avoid cyberattacks as a customer or employee, particularly when it comes to shielding your own financial or medical data. 

As a first line of defence against fraud and cybercrime, follow these simple tips:

On public WiFi networks, never share any personal information, including passwords. Online banking and shopping can be done safely from home. Don't disclose private information to ChatGPT or other AI programmes, especially bank information or passwords. 

Additionally, set strong and secure passwords with a password manager and, when available, use 2-factor authentication systems at work and at home.

REvil hacker group activity stopped in Russia

The Federal Security Service of Russia stopped the activities of the hacker group REvil, which was engaged in the theft of money using malware.

The operation was carried out in cooperation with the Investigative Department of the Ministry of Internal Affairs throughout Russia. According to the FSB, hackers developed malicious software, organized the theft of money from foreign bank accounts, and cashed them, including by purchasing expensive goods on the Internet.

"The appeal of the competent US authorities served as the basis for the search activities that reported the leader of the criminal community and his involvement in encroachments on the information resources of foreign high-tech companies," the FSB said.

The FSB of Russia has established the full composition of the REvil criminal community and the involvement of its members in the illegal turnover of payment funds, and has documented their illegal activities.

REvil has ceased to exist. According to the FSB, at 25 addresses of the places of residence of 14 members of the organized criminal community, over 426 million rubles ($5.5 million) were seized, including in cryptocurrency, $600 thousand, €500 thousand, as well as computer equipment, crypto wallets used to commit crimes, and 20 premium cars purchased with funds obtained by criminal means.

"As a result of the joint actions of the FSB and the Ministry of Internal Affairs of Russia, the organized criminal community has ceased to exist, the information infrastructure used for criminal purposes has been neutralized. Representatives of the competent US authorities have been informed about the results of the operation," the FSB reported.

The REvil group is considered one of the most active hacker groups in the world. It has committed several major attacks, including against Apple and the Texas government.

It is worth noting that in the summer of 2021, according to The New York Times, after a conversation about REvil, which took place between US President Joe Biden and Russian leader Vladimir Putin at a summit in Switzerland, hackers disappeared from the darknet. Then the American president called on the Russian Federation to take measures to suppress the activities of cyber criminals operating on its territory.


A major hacker service has been eliminated in Ukraine

Cyber specialists of the Security Service of Ukraine, together with the cyber police and American and British partners, conducted a large-scale special operation to eliminate a powerful hacker service.

According to the intelligence service, the defendants committed hacker attacks on foreign companies, as well as provided paid services to change IP addresses for other hackers. According to preliminary estimates, the group has earned more than $1 million during its activity.

"Unlike the "usual" VPN services that can be legally bought and used by everyone, the services of the attackers had a much broader functionality. In particular, they allowed computer viruses, spyware, and other malicious programs to be loaded directly through the platform. That is, it was a purely "gangster" service created by intruders for intruders and not controlled by any government or law enforcement agencies," the SBU explained.

During the investigation, it turned out that the service was organized by citizens of Ukraine, including those wanted by foreign law enforcement agencies. They administered the work of the service from home personal computers, and to avoid responsibility they hid under different nicknames on the Darknet network.

It should be noted that the services were popular among members of international hacker groups who regularly hacked into the systems of government and commercial institutions to collect confidential information; distributed ransomware viruses that encrypt information available on a PC and demand a ransom from the user; carried out DDoS attacks to paralyze the operation of systems.

According to the SBU, in order to legalize the funds received from such activities, the attackers carried out complex financial transactions using a number of online services, including those banned in Ukraine.

During the searches conducted at the place of actual residence of the defendants and in their cars, mobile phones, computer equipment, and other material evidence of illegal activity were found and seized. Hackers face up to 15 years in prison.

Russian hacker arrested in US who may have information about Russian interference in American elections

According to Bloomberg sources in the Russian and American security and intelligence agencies, Klyushin is a Kremlin insider and even a year and a half ago received a state award from Putin, the Order of Honor.

They added that Klyushin has access to documents that relate to the Russian campaign to hack the servers of the Democratic Party during the US elections in 2016. According to them, these documents confirm that the hacking was carried out by a group of hackers from the GRU, which is known under the names Fancy Bear and APT28. In addition, some sources expressed the opinion that Klyushin has access to secret records of other high-ranking GRU operations abroad. All this can make Klyushin a useful source of information for the US authorities, especially if he asks the court for leniency.

Another argument that Klyushin has information valuable to the U.S. is that his subordinate at M13 was former GRU operative Ivan Yermakov. In 2018, he was one of the defendants accused of hacking into the computer systems of the Democratic Party.

Recall that on December 19, Switzerland extradited Klyushin to the United States. He is suspected of illegal trading in securities worth tens of millions of dollars. Klyushin is the head of the M13 company, which has developed the Katyusha media monitoring system for the Ministry of Defense and the Presidential Administration.

In 2017, The Insider managed to prove that the Fancy Bear group consists of employees of GRU military unit 26165. A year later, this data was confirmed by the US Department of Justice, which officially brought charges against a group of hackers. APT28's most famous operation was the hacking of the servers of the Democratic Party in 2016, designed to help Donald Trump defeat Hillary Clinton in the presidential election.

Russian hacker created the RedLine program, which steals passwords and bank card data in browsers

The RedLine malware attacks browsers based on the Chromium engine (Chrome, Edge, Yandex.Browser and Opera) as well as those based on the Gecko engine (Mozilla Firefox and Netscape). RedLine steals saved passwords, bank card data, information about cryptocurrency wallets, cookies, system information, and other information from browsers.

Further, experiments showed that the program collects any sensitive information stored in browsers, and in addition allows you to control the computers of victims via the SOAP remote access protocol and hypothetically create botnets from them. The problem affects not only companies but also ordinary users.

The RedLine program appeared on the Russian darknet in February 2020. The announcement of its sale was posted by a Russian-speaking user with the nickname REDGlade.

The AhnLab ASEC report calls RedLine a serious cyber threat. ASEC discovered the program in 2021 when they were investigating the hacking of the network of an unnamed company. It turned out that access was carried out through a VPN service from an employee's computer infected with RedLine.

Attackers sell the malware on the darknet and Telegram for an average of $150-200. RedLine is distributed using phishing mailings with attached files in the format .doc, .xls, .rar, .exe. It is also uploaded to domains that disguise themselves as an online casino or, for example, the website of the Krupskaya Confectionery Factory.

It is worth noting that in December 2021, RedLine became the most popular program used in cyber attacks. Since the beginning of the month, more than 22 thousand attacks have been carried out with the help of RedLine.

Experts urged not to store credentials in browsers, suggesting instead to use a password manager and enable two-factor authentication wherever possible.

Google sued two Russian hackers

Google has filed lawsuits against two Russians - Dmitry Starovikov and Alexander Filippov. According to the company, they are behind the activities of a botnet called Glupteba.

The corporation claims that Glupteba has infected more than a million Windows devices worldwide, and that infections can grow by "thousands" daily. The botnet was used to steal Google user account data. Most often, the infection occurred after users downloaded free applications from unauthorized sources.

In addition to stealing and using other people's data, Glupteba was aimed at covert mining of cryptocurrencies and redirecting other people's traffic through infected computers and routers. Using this method, illegal traffic can also be redirected to other people's devices.

Google notes the technical sophistication of Glupteba. It uses a blockchain, the decentralized nature of which allows it to effectively protect itself from disruption. For the company, this is the first case of fighting a botnet on the blockchain.

The main infrastructure of the botnet is now neutralized. Those who managed the network from infected devices no longer have access to it. However, the company notes that this statement is valid only at the moment.

Google assumes that it was Starovikov and Filippov who managed Glupteba, relying on data in their Gmail accounts and Google Workspace office applications. The company is seeking compensation from them for damages, as well as a lifetime ban on their use of Google services.

According to experts, this could create a positive precedent. If the Russians are in fact punished significantly, this will considerably weaken the community as an attacker in cyberspace. At a minimum, the hackers' sense of impunity will disappear. You can read about how Google representatives tracked the hackers on the company's official website.

Bloomberg spoke about the “laundering” companies for cybercriminals in the Moscow City Tower

At least four companies suspected of money laundering and allegedly linked to ransomware hackers are based in the 97-storey Tower East of the Federation Complex in the Moscow City Business Center.

According to the agency, we are talking about the companies Suex OTC, EggChange, CashBank and Buy-bitcoin.pro.

Suex OTC is under US sanctions for helping cyber extortionists launder money. According to the research company Chainalysis, since 2018 Suex has processed at least $160 million in bitcoins from illegal and high-risk sources.

The largest shareholder of Suex at the time of the sanctions, Egor Petukhovsky, denied the involvement of his business in money laundering by hackers in October and announced that he would defend his position in an American court.

According to three Bloomberg sources, the US and Europe are also investigating EggChange on charges of money laundering. The world's largest cryptocurrency trading platform Binance said it also noticed “illegal flows” of funds going through EggChange and CashBank.

Chainalysis claims that the company Buy-bitcoin.pro, whose headquarters are also located in the Tower Federation-East, processed hundreds of thousands of dollars of funds from ransomware and other illegal operators, including Russia's largest darknet drug market Hydra.

Bloomberg writes that at least 50 companies converting cryptocurrency into cash are registered in Moscow City Tower. Cybersecurity and cryptocurrency experts consider Moscow City Tower to be one of the most influential points in the world of cryptocurrency cashing. Experts added that such operations are not illegal, but without serious supervision, such a business can help hackers to cash out criminal proceeds.

Stanislav Bibik, a partner at Colliers, explained the large concentration of cryptocurrency firms in the Tower Federation-East by the fact that this address is trustworthy. “Working there gives the tenant a high status and indicates that he has a solid business,” Bibik said.