
AI-Based Deepfake Fraud: Police Retrieves Money Worth ₹40,000 Defrauded From Kozhikode Victim


Kozhikode, India: In a ‘deepfake’ incident, a man from Kozhikode, Kerala lost ₹40,000 after he fell prey to an AI-based scam.

According to police officials, the victim, identified as Radhakrishnan, received a video call on WhatsApp from an unknown number. Apparently, the swindlers used Artificial Intelligence tools to generate a deepfake video of the victim's old colleague. To further maintain his trust, the scam caller cunningly mentioned the victim's former acquaintances.

During their conversation, the scammer made a desperate request for ₹40,000, citing a medical emergency involving a relative who was in the hospital. Trusting the caller, Radhakrishnan provided the financial aid via Google Pay.

Later, the caller made another request to Radhakrishnan for ₹40,000, which raised his suspicions. Following this, he reached out to his colleague directly. To his disbelief, he discovered that the entire incident was in fact an AI-based deepfake fraud and that he had been robbed. Realizing the fraud, he immediately filed a complaint with the Cyber Police.

The cyber cell promptly investigated the case and managed to contact the bank authorities of the bank account where the money was kept. Apparently, the bank account was traced back to a private bank located in Maharashtra.

This was the first incident of AI-based deepfake fraud to be detected in the state, according to the Kerala Police Cyber Cell.

Modus Operandi: The scammers collect images from social media profiles and use artificial intelligence to create misleading videos. These con artists use AI technology in conjunction with details like mutual friends' names to appear legitimate and con innocent individuals.

How to Protect Oneself From Deepfakes? 

Similar cases of deepfakes and other AI-based frauds have raised concerns for cyber security professionals.

Experts have cautioned against such scams and provided some safety advice. Because the majority of deepfakes have subpar resolution, people are urged to examine the video quality. On close examination, deepfake videos give themselves away because they either end abruptly or loop back to the beginning after a predetermined length of time. Before conducting any financial transaction, it is also a good idea to contact the person separately to confirm that they are truly the one taking part in the video conversation.

BreachForums Mastermind Pompompurin Arrested in New York

 


Earlier this week, U.S. law enforcement officials arrested a New York man as part of their efforts to crack down on the infamous hacking forum BreachForums, which was run by an individual who used the alias “Pompompurin.”

According to Bloomberg Law, which cited reports from News 12 Westchester, federal investigators “had spent hours inside and outside a home in Peekskill” earlier this week.

Several bags of evidence were removed by investigators from the house at one point, according to a local news service based in New York. 

The suspect has been identified as Conor Brian Fitzpatrick in an affidavit filed by the Federal Bureau of Investigation (FBI). According to the affidavit, he also admitted to owning the BreachForums website.

A special agent of the FBI, John Longmire, stated that the defendant's statements to him on March 15, 2023, showed that:

a) he was Conor Brian Fitzpatrick;
b) he referred to himself as 'pompompurin,' and
c) he owned and administered a website called 'BreachForums.'

Fitzpatrick has been charged with conspiracy to solicit individuals for the purpose of selling unauthorized access devices. It was announced that the defendant would be released from jail a day later, after his parents signed a bond for $300,000. He is scheduled to appear before the District Court for the Eastern District of Virginia at a hearing on March 24, 2023.

Among other restrictions, Fitzpatrick is prohibited from obtaining a passport or other international travel documents, from contacting any of his co-conspirators, and from using narcotics or other controlled substances unless he has a prescription from a licensed medical practitioner.

BreachForums emerged last year after a coordinated law enforcement operation in March 2022 seized control of RaidForums. Security firm Flashpoint said at the time that pompompurin had stated in the forum's welcoming thread that BreachForums was not affiliated with RaidForums in any way.

The forum has gained notoriety since it was founded because it has hosted stolen databases belonging to several companies, which often include sensitive personal information.

After Fitzpatrick's arrest, a forum user named Baphomet said they were taking ownership of the website. They noted that no evidence had been found that the Breached infrastructure had been accessed or modified in any way by anyone.

In a separate development, the Cyber Police of Ukraine announced the arrest of a 25-year-old developer who had created what they believe was a gaming "app" that infected over 10,000 computers with a remote access Trojan.

Missing Cryptoqueen: Leaked Police Files May Have Alerted the OneCoin Fraudster Ruja Ignatova

 

Best known as the “Missing CryptoQueen,” convicted fraudster Ruja Ignatova, who was included on the most wanted list by the US Federal Bureau of Investigation (FBI), is believed to have been receiving information about the investigation before her disappearance.

The 42-year-old fraudster, based in Bulgaria, is convicted of her suspected involvement in the $4 billion OneCoin cryptocurrency fraud. The details of the scam were uncovered in a BBC podcast, ‘The Missing Cryptoqueen’, devoted to the infamous fraudster.

The police documents related to the case were apparently shown in the podcast by Frank Schneider, a former spy and trusted adviser to Ignatova. Following the allegations, Schneider is now facing extradition to the US for his role in the OneCoin fraud. 

While the metadata on the files suggests that Ignatova acquired the documents through her own contacts in Bulgaria, Schneider denies obtaining the documents himself and says Ignatova obtained them on a USB memory stick.
 
Ignatova disappeared on October 25th, 2017, after being made aware of the police investigation into her OneCoin cryptocurrency. Following this, in June 2022 she was included in the FBI's most wanted list.
 
In an interview with the BBC, Schneider said the police files contained presentations made at a Europol meeting named ‘Operation Satellite.’ The meeting, held five months before Ignatova's disappearance, was attended by officials from Dubai, Bulgaria, the UK, Germany, and the Netherlands, along with the FBI, the US Department of Justice, and the New York District Attorney.

The documents contained details of US authorities having a “high-placed confidential informant”, of OneCoin bank accounts receiving investor funds, and of failed attempts by the UK's City of London to interview Ignatova.

Asked about the files, Schneider said: “When the Bulgarians participated at certain Europol meetings, it only took hours for her to get a complete rundown and get the minutes of what was said in those meetings.” “I can only deduce that it came from the circles that she was in and the she had through a variety of influential personalities.”

Provider Volia reports intense cyberattacks on its servers to the cyber police


Cable provider Volia has filed a report with the Cyber Police about a DDoS attack on the company's Kharkov servers, which has been ongoing since May 31.

"For three days, from May 31 to today, the Volia infrastructure in Kharkov is subjected to cyberattacks. At first, they were carried out only on subscriber subsystems, later they switched to telecommunications infrastructure. As a result, more than 100,000 subscribers experienced problems using the Internet, IPTV, multi-screen platform, and digital TV," said the company.

According to the provider, the complete loss of access to Volia's services lasted 12 minutes on May 31 and 45 minutes on June 1. There was also an attack on the website volia.com, but it was neutralized.

"DDoS attacks were massive and well-organized. The type of attack is UDP flood and channel capacity overflow with the traffic of more than 200 GB. UDP is a protocol used for online streaming services - streaming, telephony, video conferencing, etc. The attack occurred from tens of thousands of different IP addresses around the world: the United States, Malaysia, Taiwan, Vietnam, etc.", emphasized the press service of the provider.

According to representatives of the company, attacks of this volume are followed by extortion and other attempts to influence the company. Therefore, Volia appealed to the cyber police with a statement about a massive DDoS attack on the infrastructure.

At the same time, Volia stated that they cannot be sure that the attacks will not happen again, but they are doing everything possible to avoid it.

It should be noted that Volia serves about 2 million cable TV and Internet subscribers in 35 cities of Ukraine.

Ukrainian authorities proposed that online media track readers and transfer data to the cyber police


A real scandal has erupted over the rights of journalists, the media and freedom of speech in Ukraine. The Ukrainian cyber police sent a circular to various Internet publications in Ukraine proposing that they install special software code on their websites in order to track and identify their readers. All of the data would have to be transmitted to the cyber police of Ukraine.

In the document received by the media, the cyber police proposes installing on the publications' sites a special script developed by the Agency, which would allow identifying network users who use a VPN or anonymizer. All data on the users of Internet publications that have installed such code is sent to a special server belonging to this body.

Note that 99.9% of all users of the Ukrainian network use a VPN in Ukraine. This is caused by the blocking of all Russian resources by the Ukrainian authorities. In the absence of high-quality Ukrainian services and social networks, Ukrainian citizens continue to use Russian Yandex, Vkontakte, Mail.ru and read Russian media. Obviously, the Ukrainian authorities, on the orders of Vladimir Zelensky, have now decided to identify such citizens.

The cyber police of Ukraine noted that they did not insist on installing such codes but only suggested. At the same time, the Ukrainian cyber police does not see anything shameful in such a proposal but considers it the interaction of the state and the private sector in the field of combating cybercrime.

However, it is important to note that the existence of such a script from the cyber police on Ukrainian media sites is a criminal offense. Such actions of the Ukrainian cyber police violate a number of laws and the Constitution of Ukraine. They violate freedom of speech, freedom of the media, freedom of access to and dissemination of information, human rights, rules on the processing of personal data, and the presumption of innocence, as well as a number of European and international norms and laws in this area.

Moreover, for a long time, citizens of Ukraine have been asking the President of Ukraine to unblock Russian sites.