Last Updated on October 27th, 2023, in AppSec Bulletin

SIM Card Swap Fraud – Delhi Lawyer Loses Rs 50 Lakh with Just 3 Missed Calls

A lawyer based in North Delhi falls prey to a phone hacking scam, losing funds from her bank account following three missed calls from unfamiliar numbers.

On October 18, an incident was reported involving a 35-year-old advocate specializing in trial and high courts. Having received three missed calls from a particular number, she returned the call from a different line, assuming it was a delivery service regarding a package. However, two unauthorized withdrawals from her bank account were discovered, prompting her to alert the authorities.

Described as a ‘SIM Swap fraud’ by an officer, the case suggests a fraudulent SIM card replacement, leading to unauthorized transactions without the victim’s consent. Further investigation revealed unusual browsing history on unfamiliar websites, as well as suspicious SMS messages containing phishing links and false UPI registration notifications, of which the lawyer had no prior knowledge.

According to the complainant, an individual posing as an IFSO officer contacted her after the incident, attempting to acquire her bank statement. Fortunately, no details were shared with the imposter. The cyber cell has initiated an investigation into the case, although no suspects have been identified yet.

This incident is the latest in a series of SIM card swapping and phone hacking scams in Delhi, typically orchestrated through the hijacking of mobile phone numbers and linking them to new SIM cards, often with the aid of an insider within a mobile service provider. The criminals then exploit the swapped SIM card to intercept OTPs, gaining access to the victims’ bank accounts and leading to financial losses.

Source – Times Now

1Password Identifies Unusual Behavior Post Okta Support Breach

1Password, a prominent password management solution, identified suspicious activity within its Okta instance after a support system breach on September 29. The breach originated from a session cookie shared with Okta Support by an IT team member. The malicious actor attempted several actions but failed to access the IT team member’s user dashboard. Though no user data or sensitive systems were compromised, 1Password has taken security-enhancing measures, such as denying logins from non-Okta IDPs, reducing session durations for administrative users, and enforcing stricter multi-factor authentication rules. The incident resembles a known campaign involving compromise of super admin accounts and manipulation of authentication flows. The association with Scattered Spider, known for targeting Okta through social engineering attacks, remains uncertain. This development followed Okta’s recent disclosure of a breach that impacted about 1% of its customer base, including BeyondTrust and Cloudflare.

Source – The Hacker News

Authorities Detain 34 Cybercriminals in Spain for Online Scams Worth Millions

Spanish law enforcement agents have apprehended 34 individuals involved in multiple online scams, resulting in illicit earnings of around $3.2 million for the group.

Raids were carried out in 16 locations across Madrid, Malaga, Huelva, Alicante, and Murcia, resulting in the confiscation of various items, including cash, high-value vehicles, electronic equipment, and a database with information on four million people.

The criminal activities comprised impersonating banks and utility companies via email, SMS, and phone calls to deceive victims. The group also diverted technology products from suppliers and manipulated financial accounts, capitalizing on fraudulent transactions and bogus websites.

According to the authorities, the network leaders used false identification, spoofing techniques, and investments in cryptocurrency to conceal their activities.

This development follows recent crackdowns on cybercrime, including the arrest of the Black Panthers group in Barcelona and the discovery of a money laundering scheme combining counterfeit loan apps and India’s Unified Payments Interface (UPI).

Source – The Hacker News

Samsung Galaxy S23 Experiences Two Hacks on the First Day of Pwn2Own Toronto

During the Pwn2Own 2023 event in Toronto, Canada, security researchers successfully hacked the Samsung Galaxy S23 twice and also uncovered zero-day vulnerabilities in Xiaomi’s 13 Pro smartphone, printers, smart speakers, NAS devices, and surveillance cameras. The exploit on the Galaxy S23 by Pentest Limited earned $50,000 and 5 Master of Pwn points, while the STAR Labs SG team received $25,000 and 5 Master of Pwn points. The contest, offering over $1 million in cash and prizes, included multiple device categories such as mobile phones and IoT devices. The highest rewards were for discovering zero-day bugs in mobile phones, with cash prizes up to $300,000 for the iPhone 14 and $250,000 for the Pixel 7. A complete schedule of the competition can be found on the official website. On the second day, the Galaxy S23 will face further testing by security researcher Le Xich Long and hackers from Interrupt Labs.

Source – Bleeping Computer

Cyber experts express concern about data security in India

In India, digital transformation and advanced technology development are on the rise, but concerns over data security, growing threats from neighboring adversaries, and increasing scammer sophistication persist. Cyber experts at Singapore Cyber Week 2023 emphasized the need for collaboration and a comprehensive ecosystem to combat tech-driven threats. Over the past six months, healthcare, education/research, and utilities were the most impacted industries, with an average of 2,157 weekly attacks per organization in India. Cybersecurity is becoming more complex, requiring board and management involvement to ensure business continuity. India has made strides in digital transformation, but it has often lacked a security-first approach.

Recent regulations, like the Digital Personal Data Protection Act, have boosted confidence among multinationals, but there’s still room for improvement, particularly regarding sharing critical data to enhance cyber resilience. Quad’s ongoing work on an information-sharing agreement could further strengthen cyber resilience among its member countries. The growth of India’s venture capital industry is attracting talent and fostering a self-reliant digital ecosystem. The construction of numerous data centers also emphasizes the country’s commitment to data localization. However, cyber experts warn against complacency, emphasizing the need for clearer data visibility and acknowledging the borderless nature of cyberattacks.

Source – ETTelecom
