Tag: cyber crime

The Hindu Morning Digest: January 5, 2024

Post By Sports , , , , , , , , , , , , , , , , , , , , , , ,

Families of victims of the explosions gather at the courtyard of a hospital in the city of Kerman, about 510 miles (820 kilometres) southeast of the capital Tehran, Iran, on Jan. 3, 2024.
| Photo Credit: AP

Eight Indian Navy veterans get 60 days to contest Qatar jail terms

Qatar has commuted death sentence for eight Indian Navy veterans and turned that into “varying quantum” of jail terms, the Ministry of External Affairs (MEA) said on Thursday, putting out the official confirmation about the high-profile case regarding the men who were arrested by the Gulf country in August 2022. Addressing the weekly press briefing, MEA spokesperson Randhir Jaiswal said the legal team had been given 60 days to appeal against the jail terms.

Health Ministry seeks data on single women taking the Assisted Reproductive Technology route

The Union Health Ministry has sought data from all States and Union Territories on the total number of single women (divorcees/widows) and unmarried women who have successfully used Assisted Reproductive Technology (ART) in order to assess the functioning of the ART Act, 2021. Fertility experts have welcomed the move, along with the inclusion of single women/unmarried women as a category.

INDIA bloc seat-sharing talks delayed as Congress panel presents State units’ wishlist to Kharge

With their INDIA bloc allies breathing down their neck to come up with a seat-sharing formula at the earliest, the Congress’ five-member National Alliance Committee on Thursday briefed Congress president Mallikarjun Kharge on the consultations they held with the party’s State units, 12 days after their first meeting on December 23. 

Aadhaar enabled payment comprised 11% of financial frauds: I4C analysis

Aadhar Enabled Payment System (AePS) frauds were 11% of the cyber financial scams that had its origin in India in 2023, an analysis by the Indian Cyber Crime Coordination Centre (I4C) has said. Most of these were committed in Bihar and Jharkhand. Last year, the central government’s portal (cybercrime.gov.in) and 1930 helpline received 13,10,329 complaints regarding cyber enabled financial frauds. The AePS frauds included cloning of biometrics.

Trinamool needs the support of Congress more than the Congress needs them: Adhir Ranjan Chowdhury

West Bengal Pradesh Congress Committee president Adhir Ranjan Chowdhury on Friday said that the Congress party was not going to beg for seats from the Trinamool Congress (TMC) in the forthcoming General Election. The remarks come at a time when Congress MP from Malda Dakshin Abu Hashem Khan Chowdhury has said that a deal had been struck with the Trinamool on giving two seats to the Congress in the State. The Congress MP was referring to the Malda Dakshin and Behrampore Lok Sabha seats.

Congress holds first meeting of manifesto committee 

The first meeting of the Congress Manifesto Committee was held here on Thursday. It was presided over by Chairman P. Chidambaram and attended by other members of the committee, including Karnataka Chief Minister Siddaramiah, Jairam Ramesh, T.S. Singh Deo, Anand Sharma, Shashi Tharoor and others. 

Election Commission tweaks rules for allocation of symbols to unrecognised political parties

The Election Commission of India on Thursday brought in new rules for allocation of symbols to Registered Unrecognised Political Parties (RUPPs), making it mandatory for them to furnish audited accounts of last three financial years, expenditure statements of last two elections, and the signature of the authorised office-bearer of the party along with the application form for symbols.

Iowa school shooting | One dead, five wounded at high school in Perry; suspect dead

A 17-year-old opened fire at a small-town Iowa high school on the first day of school after the winter break, killing a sixth-grader and wounding five others as students barricaded in offices and fled in panic. The suspect, a student at the school in Perry, died of what investigators believe is a self-inflicted gunshot wound, and at least one of the victims is a school administrator, a law enforcement official told The Associated Press.

Islamic State claims responsibility for Iran attack

Iran’s elite Revolutionary Guards and first Vice-President Mohammad Mokhber vowed revenge on Thursday for explosions that killed at least 84 at a ceremony to commemorate top commander Qassem Soleimani, who was killed by a U.S. drone in Iraq in 2020. Islamic State has claimed responsibility for the attack. Earlier, a senior official in U.S. President Joe Biden’s administration said the blasts appeared to represent “a terrorist attack” of the type carried out in the past by Islamic State militants.

Myanmar’s military government pardons nearly 10,000 prisoners to mark Independence Day

Myanmar’s military government on Thursday pardoned nearly 10,000 prisoners to mark the 76th anniversary of gaining independence from Britain, but they apparently included just a small proportion of the thousands of political detainees jailed for opposing army rule.

Centre keen to expand ECGC cover to individual jewellery exporters

Union minister for Commerce and Industry Piyush Goyal on Thursday said that the Centre was keen to expand the ECGC (Export Credit Guarantee Corporation) cover, now provided to banks towards the credit limits for exporters, to even individual exporters of gems and jewellery. He was speaking at the India International Jewellery Trade Show (IIJS) organised by the Gem & Jewellery Export Promotion Council at Jio Centre in Mumbai.

India’s heavy digital footprint makes it more attractive to cybercrooks: experts

With a population of over 1.4 billion and a rapidly expanding economy, India’s digital footprint has made it an alluring target for cybercriminals seeking to exploit vulnerabilities, warned a group of cyber-security providers. Data breaches would skyrocket in 2024, there would be continued acceleration in ransomware activities in addition to a surge in identity-based attacks resulting from increasing cloud adoption, and deepfakes would also pose a looming threat to the country’s cybersecurity this year, they cautioned.

IND vs SA second Test | Fiery Bumrah helps Team India break a Cape Town hoodoo

The final frontier will remain the final frontier for some more time, but India’s cricketers will head back home, their heads held high. They expectedly wrapped up the second Test with plenty of time to spare on Thursday to square the two-Test series 1-1. Aiden Markram scored a stunning hundred (106, 103b, 17×4, 2×6) on an incredibly challenging track where nobody else touched 50, but that could only delay the inevitable. India’s seven-wicket victory came in the second session on the second day. It was the team’s first-ever Test victory at the Newlands Cricket Ground.

Source link

#Hindu #Morning #Digest #January

Iranian ‘hack’ targets citizens who send videos to foreign broadcasters

Post By World , , , , , , ,

Hardline media outlets in Iran claim the country’s security forces hacked the Telegram channel of Iran International, a Persian-language broadcaster that has extensively covered the year-old “Woman Life Freedom” protests. The outlets claim the regime intercepted messages in which Iranian citizens sent amateur images related to the protests to the UK-based broadcaster for publication. The channel denies it was hacked, and a FRANCE 24 review of the supposedly intercepted messages found no evidence that any of the amateur content was ever broadcast by Iran International.

With a news blackout in place in Iran on the protests that followed the death of Mahsa Amini last September, many Iranians have turned to Persian-language media broadcasting from overseas. With independent media barred from working in Iran, such channels rely heavily on amateur images published on social media or sent in by Iranian citizens. Videos filmed by citizens and sent to these media outlets outside Iran have become the main source for many Iranians of independent information about what is happening inside their country.

In what appears to be an attempt to discourage these ties, media affiliated with Iran’s hardline Revolutionary Guard Corps (IRGC) have targeted Iran International, publishing what they say are messages in which Iranian citizens sent amateur videos for publication by the UK-based channel. Launched in the UK in 2017, the channel, which reportedly receives funding from Saudi sources, is one of the favourite destinations for amateur videos shot inside Iran. Iranian authorities have branded it a “terrorist organisation”.


Media affiliated with the IRGC, including the Fars News Agency, have published at least six online videos saying an unspecified “group of hackers” intercepted messages sent to Iran International.

 

Iran International denies the hacking. “I can state categorically that our Telegram account has not been hacked, or compromised in any way. It never has been. Such claims from the IRGC or its associates are false and are designed to frighten and intimidate people,” spokesperson Adam Baillie told FRANCE 24. “We are characterised by the Iranian authorities as a terrorist channel, which provides quasi-legal cover for threats against our staff and the harassment, often brutal, of their families in Iran.”

The designation of Iran International as a terrorist organisation means that Iranians accused of sending information to the channel could face severe penalties in Iranian courts.

A Fars News Agency alert about contacting Iran International television: “Alert to people who cooperate with enemy media”. © Observers

 

Alert to people who cooperate with enemy media

Media affiliated with the IRGC, including the Fars News Agency, have published at least six online videos saying an unspecified “group of hackers” intercepted messages sent to Iran International. The videos, posted since mid-September, feature amateur images supposedly sent to the UK-based channel via Telegram, along with screenshots of the senders’ messages and usernames with the account name blurred. The amateur images show protests and other anti-regime initiatives such as strikes by shopkeepers. 

One video, published on Telegram on September 15, showed screenshots of messages sent by a user named “Milad” in which he sent a video of an anti-regime protest along with this caption: “Aryashahr (a neighbourhood in Tehran), 17th or 18th Aban (September 8 or 9, 2022). Regime agents savagely beat up a young man.” FRANCE 24 was unable to confirm the sender’s identity or the context of the video, but Iranian web users suggested the claims of a hack were fabricated.


In a video published on X, formerly Twitter, on September 19, demonstrators chant: “The mullahs must go”.

 

Fars News Agency’s claim is BS

Iranian web users have been skeptical about the claims of a hack. “As someone who has sent many photos and videos [to Iran International], I can confirm Fars News Agency’s claim is BS,” said one tweet posted on September 20.

 


“If they had hacked the channel, they would have shown off about it by announcing they had hacked it and changing the profile picture,” another user wrote, referring to a common practice when the Iranian security forces hack into anti-regime accounts.


A third user wrote: “Hacking? That’s a joke! The IRGC fanboys can’t do anything more complex than basic HTML coding.”


 

Hacking Telegram is very difficult

Amin Sabeti is an Iranian cybersecurity expert based in London. He closely follows the activities of hackers close to the Islamic republic’s regime.

“In general, hacking the servers of a messaging app like Telegram is a very difficult task, not just for Iranians, but for any hacker in the world. The screenshots of the user messages supposedly sent to Iran International’s Telegram account are in a format that would only be visible by the Iran International Telegram account owner. I closely follow hackers working for the Iranian regime and I have never seen any indication that they are capable of directly hacking Telegram’s servers to access any account.

All the Iranian hackers have done so far is to trap the “end user”, using various techniques like phishing. For example, they send emails to account holders pretending to be from the Telegram company saying that someone is trying to hack your account or change your password.

There are two sides to the question of the safety of Iranians who turn to foreign media such as the BBC or Iran International. Concerning the news organisations, I know that the security measures of these media outlets are really good. They are up-to-date in keeping their accounts secure. That is why we have never had such a case so far.

The only possible problem, however, could be the Iranians who contact these news organisations, because they too need to protect their accounts. They need to update their apps and software, and make sure they do not have malware on their phones. And once they have sent their messages, they need to delete them themselves.”

 

No trace of the videos on Iran International accounts 

FRANCE 24 analysed the six video reports published by Fars and other IRGC-affiliated Telegram accounts. The IRGC reports featured more than 30 amateur videos supposedly sent to Iran International. The FRANCE 24 team then searched for other publications of the videos on social media, including archives of Iran International’s Telegram, X (formerly Twitter) and Instagram accounts over the last 12 months.  

Of the around 30 videos supposedly sent to Iran International by Iranian citizens:

  • None were published on Iran International’s social media accounts, including Telegram, X and Instagram.
  • Reverse image searches found no publication of the videos on other social media accounts. 
  • In at least in one case, the video could not have been recorded on the date it claimed because the environment is not the same as it was during the 2022 protests.

Video supposedly filmed in November 2022 was filmed in 2023

One video, published by Fars News on September 20, featured messages supposedly sent to Iran International in November 2022 by a Telegram user called “Nilo0o”. The supposed user sent a video showing closed businesses on a street with a caption saying: “General strike by the population in Rasht on 17 November 2022.” 

The video was filmed in the Golsar neighbourhood in the city of Rasht. It shows a bank, Melal Credit Institution, on Golsar Street between alleys 92 and 96, in a complex called the Blanca Palace. 

 

The video shows a bank, Melal Credit Institution, on Golsar Street in a complex called the Blanca Palace.
The video shows a bank, Melal Credit Institution, on Golsar Street in a complex called the Blanca Palace. © Observers

 

But other information indicates that the Golsar branch of the bank moved to that location in 2023. A video of Golsar Street filmed in January 2023 shows the same location vacant, with a banner giving contact information for the complex. 

 

This photo shows the same location vacant, with a banner giving contact information for the complex.
This photo shows the same location vacant, with a banner giving contact information for the complex. © Observers

 

Yellow Pages information indicate that Melal Credit had a branch at a different location on Golsar Street, 500 metres away near alley 109.

 

This photo shows that Melal Credit had a branch at a different location on Golsar Street, 500 metres away near alley 109.
This photo shows that Melal Credit had a branch at a different location on Golsar Street, 500 metres away near alley 109. © Observers

 

A posting by a business at that location in February 2023 said: ““I am the new owner at alley 109, pls Bank update your contact info!” 

A posting by a business at that location in February 2023 said: ““I am the new owner at alley 109, pls Bank update your contact info!”
A posting by a business at that location in February 2023 said: ““I am the new owner at alley 109, pls Bank update your contact info!” © Observers

The video supposedly intercepted by hackers could not have been filmed in November 2022.

If the regime succeeds in cutting this line, we will have a total information freeze

Bahram [not his real name] is an Iranian journalist who has been arrested or interrogated multiple times in recent years over his reporting on current affairs in Iran. He says that with widespread censorship in Iran, many Iranians turn to overseas broadcasters like Iran International for reliable news.

Iranians now record everything with their mobile phones: strikes, protests, police violence … and send the videos to organisations that will publish them. The amateur videos people send to overseas broadcasters are our only source of information. If the regime succeeds in cutting this line of communication, we will have a total information freeze in our country. We will not know what is going on: we’ll know absolutely nothing.

The regime has done its best to drive us into such a blackout. They have blocked social media, but people use VPN proxy servers to get access.

They have tried to discredit these media or activists through propaganda smear campaigns. Now the latest attempt is to scare people. They’re saying: “If you send them something, we will find you, so don’t send them anything.” However, I am not sure it will ultimately benefit the regime. Maybe in the short term people will hesitate for a few days to send videos to this or that media or activist, but in the long term I think nothing will change. You will not give up your water source, no matter how tiny it is, in a desert.



Source link

#Iranian #hack #targets #citizens #send #videos #foreign #broadcasters

Has Meta’s record-breaking Threads opened us up to more cyberthreats?

Post By World , , , ,

By Dr Niklas Hellemann, Psychologist, CEO, SoSafe

Whether it’s the launch of Threads, the shift to remote work, or even the start of the war in Ukraine, hackers will manipulate our emotions against us, Dr Niklas Hellemann writes.

Threads, the new social media platform from Meta and supposed Twitter competition, is officially the fastest-growing new app in history. 

In just five days, the Twitter competitor was able to gain over 100 million users, which is even more impressive as the app is not yet available in Europe. 

However, in an already treacherous dark economy, where various channels are leveraged for cybercrime, Meta’s new social media superstar is yet another convenient avenue of attack for career cybercriminals and their social engineering toolkit. 

Civilians and employees – especially those who work with sensitive data – must be vigilant, as the rapidly expanding social media landscape represents a serious security risk.

A plethora of scams

In the short time since its release, cybercriminals have already used Threads’ high-profile launch to attempt to scam and attack unsuspecting users. 

For instance, criminals have developed phishing sites that mimic non-existent web versions of Threads, which are designed to trick users into entering their login details. 

Because Threads is connected to other Meta services, cybercriminals could use these phishing sites to steal access to users’ other social media accounts, such as Instagram or Facebook. 

This is not only a privacy risk, opening the door to identity theft and doxing, but also a financial risk, as criminals may be able to steal personal banking information.

Similarly, fake versions of the app have appeared in smartphone stores, either to trick users out of their money by requiring payment or to act as a channel for malware and phishing attacks. 

Earlier this month, Apple had to remove a counterfeit Threads app from its European app store after it climbed to the number one spot in its store.

Social media, the perfect hunting ground

One reason these fraudulent sites and apps have been so successful is that Threads is not yet available to European consumers. 

Its launch in the EU was delayed due to regulatory issues over the extensive amount of data Threads collects on its users, which should concern prospective users. 

Threads can collect personal information, including location, finance and even health and fitness data. 

This treasure trove of data makes it an attractive target for hackers, representing a serious vulnerability if it is breached.

Those who can use Threads must also be careful about who they follow. Threads’ current verification system allows anyone to purchase a “tick”. 

Without vetting, there is a risk of impersonators pretending to be well-known celebrities or organisations, possibly scamming users out of their money or as part of a multi-channel phishing attack. 

Social media is the perfect hunting ground for spear-phishing attacks: by harvesting personal details, cybercriminals can craft their attacks to target people with surgical precision, including by pretending to be an authority figure, such as the CEO of a business. 

This is made even easier because users may falsely believe that they are in a safe, private environment and feel encouraged to broadcast their personal information.

FOMO, a part of human nature

The security issues around Threads relate to a basic psychological phenomenon that leads to potential risks. 

Namely, humans are fallible in the sense of reacting with certain behaviour to certain emotions, and when faced with the novelty and excitement of getting to grips with new technologies, they often let their guard down. 

In their haste to try out Threads, many users are exposing themselves to these scams. 

“FOMO” – the fear of missing out – is very real when it comes to jumping headfirst into exciting new platforms, but unfortunately, so are the potential risks.

However, there is a bigger issue at play. The rapid diversification of not just social media channels but also the communication tools and collaboration platforms we use in our everyday work and personal lives mean that we are frequently getting to grips with unfamiliar technologies and environments. 

Our increased dependency on this wider range of tools and platforms provides an advantage to cybercriminals, giving them more channels and vulnerabilities to attack and more ways to collect valuable data.

The security concerns around Threads also point to the simple fact that most people are unaware of the huge menu of tactics and methods used by today’s highly professional hackers. 

The cybercrime industry has never been more sophisticated or had more resources and opportunities, with the professionalisation of cybercrime leading to the creation of organised networks operating like slick criminal enterprises. 

Their main chance for success? Playing with our human psyche and emotions.

This is what you can do to protect yourself

So, how can everyday people stay safe in this ever-evolving cyberthreat jungle? 

First, we need to raise awareness of the threats that are out so that people remember to protect themselves online. 

By learning to spot threats or malicious messages, people are much better equipped to deal with them rather than learn the hard way.

Second, we need to reinforce safe online behaviour. That means setting strong passwords and using multi-factor authentication to keep login details secure, but also being aware of what information we are sharing online – social media are public platforms where you cannot control the spread of information. 

Where possible, set your account to private.

Finally, be aware that cybercriminals will find ways to exploit current affairs as they are masters of social engineering.

Whether it’s the launch of Threads, the shift to remote work, or even the start of the war in Ukraine, hackers will manipulate our emotions against us.

Today’s cybercriminals are experts at exploiting the human psyche. 

Only if we are aware of the innovation strength and creativity of cybercriminals and practice secure behaviour while online will we be able to notice these risks continuously and stay safe. 

Dr Niklas Hellemann is a psychologist and the CEO of SoSafe, a security awareness scale-up.

At Euronews, we believe all views matter. Contact us at [email protected] to send pitches or submissions and be part of the conversation.

Source link

#Metas #recordbreaking #Threads #opened #cyberthreats