By Press Trust of India | Updated: 7 November 2022
Illegal hacking operatives, dubbed “hack-for-hire” companies, are operating across India and infiltrate emails and phones of VIPs and states for a fee paid by private investigators around the world, an undercover investigation has claimed on Sunday.
‘The Sunday Times’ and Bureau of Investigative Journalism conducted a sting operation to expose several Indian hackers offering their services to hack into private email accounts and messages of victims on behalf of investigators working for autocratic states, British lawyers and their wealthy clients.
According to the investigation based on leaked documents and undercover work in India earlier this year, journalists posing as former MI6 agents turned private investigators claim that one gang “seized control of computers” owned by Pakistan’s politicians, generals and diplomats and eavesdropped on their private conversations “apparently at the behest of the Indian secret services”.
The hacking gang, which operates under the name WhiteInt, is run from a fourth-floor apartment in a suburb of the tech city Gurugram in Haryana. Its mastermind is a 31-year-old man — an occasional TV cybersecurity pundit who also holds down a day job at the Indian office of a British accountancy firm, according to the ‘Sunday Times’ report.
For seven years, he has run a network of computer hackers who have been hired by British private detectives to steal the email inboxes of their targets using ‘phishing’ techniques, it claims.
Malicious software which takes control of computer cameras and microphones, and allows hackers to view and listen to their victims are some of the methods used in such hack-for-hire operations, which earns hackers anywhere between $3,000 (roughly Rs. 2,46,650) and $20,000 (roughly Rs. 16,44,320).
“I offer access to closed source information of email and computers of the PoI (person of interest) anywhere across the globe… an average timeline is around 20 to 30 days,” he was quoted as telling the undercover journalists.
When approached last month by the team, he claimed he did not know some of the people named on his database and denied hacking the others listed: “I can say categorically that I have not hacked, launched or attempted to hack any of these people.” Another operative contacted by the team was a 28-year-old computer specialist, who boasted of hacking more than 500 email accounts, mostly on behalf of his corporate intelligence clients.
“The British and the whole world… are using Indian hackers,” he is quoted as saying in Delhi.
When approached for comment last month, he claimed he had only “hacked 100 times” and that he was “blowing my own trumpet”.
He alleged that UK companies had been employing Indian hackers for more than a decade.
One of them was allegedly set up in Delhi more than a dozen years ago supposedly to train a new generation of “ethical” hackers who could help safeguard individuals and businesses from cyberattacks.
However, the firm, now defunct, is alleged to have secretly established a lucrative sideline taking cash from clients around the world to hack individuals. These clients are said to have included corporate intelligence companies based in Britain, the Sunday Times reported.
The undercover investigation concludes that the use of the “Indian underworld to break into email accounts and smartphones has become a practice that has been proliferating for years”.
Investigators from the UK have been able to commission “hack-for-hire” firms with little fear that they will be prosecuted for breaking the country’s computer misuse laws.
Several of the targets on the leaked database accessed by them include British lawyers and wealthy people involved in cases in London’s High Court, reportedly including a member of the UK’s richest Indian-origin Hinduja family, the Sunday Times report said.
China-Based APT41 Hacker Group Stole $20 Million Worth of US COVID-19 Relief Funds: Report
By ANI | Updated: 8 December 2022
China-based hackers stole at least $20 million (roughly Rs. 165 crore) in US Covid relief benefits, including unemployment insurance funds and Small Business Administration loans, NBC news reported citing the country’s Secret Service. Hackers linked to the Chinese government are from a Chengdu-based group known as APT41. The report said other federal investigations of pandemic fraud also seem to point back to foreign state-affiliated hackers. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service, told NBC. The US Secret Service declined to confirm the scope of other investigations.
They said there are over 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, and APT41 is “a notable player,” according to NBC news.
In recent months, the US has witnessed a rise in espionage cases emanating from China.
Last month, in three separate cases, the US government charged 13 individuals, including members of China’s security and intelligence apparatus and their agents, for alleged efforts to unlawfully exert influence in the United States for the benefit of their government.
“As these cases demonstrate, the government of China sought to interfere with the rights and freedoms of individuals in the United States and to undermine our judicial system that protects those rights. They did not succeed,” said US Attorney General Merrick B. Garland, as quoted in the Justice Department press statement.
“The Justice Department will not tolerate attempts by any foreign power to undermine the Rule of Law upon which our democracy is based. We will continue to fiercely protect the rights guaranteed to everyone in our country. And we will defend the integrity of our institutions,” Garland added.
Seven Chinese nationals were charged – two of whom were arrested on October 20 in New York – with participating in a scheme to cause the forced repatriation of a PRC national residing in the United States.
The defendants are accused of conducting surveillance of and engaging in a campaign to harass and coerce a US resident to return to Beijing as part of an international extralegal repatriation effort known as “Operation Fox Hunt.”
Data of 6 Lakh Indians Stolen, Sold on Bot Markets So Far; Around 50 Lakh Users Affected Globally, Study Shows
By Reuters | Updated: 8 December 2022
Around five million people globally have had their data stolen and sold on the bot market to date, of which 6 lakh are from India, making it the worst affected country, according to one of the world’s largest VPN service providers NordVPN.
Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware.
The study by NordVPN, of Lithuania’s Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at Rs. 490.
NordVPN tracked data for the past four years, ever since bot markets were launched in 2018.
India has been dealing with cyber security concerns for a while. As recently as last month, multiple servers of the All India Institute of Medical Sciences (AIIMS), a federal government hospital that caters to ministers, politicians and the general public, were infected on November 23, a senior police official told Reuters.
A week after the ransomware attack on AIIMS, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours on November 30, Times of India reported.
Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team (CERT) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.
NordVPN’s study looked into three major bot markets — the Genesis market, the Russian Market, and 2Easy — and found stolen logins including those from Google, Microsoft and Facebook accounts.
“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.
“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.”
Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 5,38,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.
© Thomson Reuters 2022
AIIMS Delhi Cyberattack Highlights Security Risks, Online Operations Resume After Two Weeks
By Associated Press | Updated: 8 December 2022
AIIMS Delhi, the leading hospital in the national capital limped back to normalcy on Wednesday after a cyberattack crippled its operations for nearly two weeks. Online registration of patients resumed Tuesday after the hospital was able to access its server and recover lost data. The hospital worked with federal authorities to restore the system and strengthen its defences.
It’s unclear who conducted the November 23 attack on the All India Institute of Medical Sciences or where it originated. Hospital authorities didn’t respond to requests for comment.
The attack was followed by a series of failed attempts to hack the country’s top medical research organisation, the Indian Council of Medical Research. This raised further concerns about the vulnerability of the country’s health system to attacks at a time when the government is pushing hospitals to digitise their records.
More than 173,000 hospitals have registered with a federal program to digitise health records since its launch in September 2021. The program assigns patients numbers that are linked to medical information stored by hospitals on their own servers or in cloud-based storage. Experts fear that hospitals may not have the expertise to ensure digital security.
“Digitising an entire health care system without really safeguarding it can pretty much kill an entire hospital. It suddenly stops functioning,” said Srinivas Kodali, a researcher with the Free Software Movement of India.
That is what happened to the hospital in New Delhi. Healthcare workers couldn’t access patient reports because the servers that store laboratory data and patient records had been hacked and corrupted.
The hospital normally treats thousands of people a day, many of whom travel from distant places to access affordable care. Always crowded, queues at the hospital grew even longer and more chaotic.
“The entire system isn’t working because of the hack,” said Deep Ranjan, who came to New Delhi from north-eastern Assam state. He said he had spent five days waiting in line and still has not seen a doctor.
Sandeep Kumar, who accompanied his ill father, said the digital attack meant that appointments couldn’t be booked online, and that doctors could do little when they saw patients because they couldn’t access their medical history.
“We are digitising (everything), but then there is an attack on the country’s most important medical institute,” he said.
On November 30, there were repeated but ultimately unsuccessful attempts to breach the website of the Indian Council of Medical Research, the Press Trust of India news agency reported.
The attack on the hospital raised “serious questions about the cybersecurity of the country,” said K.C. Venugopal, a member of Parliament from the main opposition Congress party.
The government drafted a proposed law governing data privacy last month, but critics say it offers few safeguards to people. It has not yet been passed by Parliament.
Google Asked to Drop Ads of Online Betting Firms in YouTube, Search Results: Report
By Reuters | Updated: 7 December 2022
Google has been asked by the government not to display surrogate ads of overseas betting companies, Mint newspaper reported on Wednesday, citing a person aware of the development in the ministry of information and broadcasting.
The letter sent last week to Alphabet’s Google India asked the company to immediately drop all advertising, direct or surrogate, from betting platforms like Fairplay, PariMatch, Betway in search results and YouTube, the report said.
India’s planned regulation of online gaming will apply to all real-money games after the prime minister’s office overruled a proposal to only regulate games of skill and leave out games of chance, Reuters reported on December 4, citing a government document and three sources.
“After our last advisory on 3 October, TV channels and OTT (over-the-top) players stopped showing surrogate ads of online betting firms, but it was brought to our notice that many such ads are running on YouTube and Google. We have asked Google to stop this immediately,” said a senior ministry official to Mint.
Google did not immediately respond to Reuters request for comment.
India should create a regulatory body to classify online games as based on skill or chance, introduce rules to block prohibited formats and take a stricter stance on gambling websites, a government panel stated in a draft report seen by Reuters earlier in September.
Reuters reported on Tuesday that a panel of state finance ministers was yet to submit its report on taxation of the booming online gaming sector that is crucial to a final decision on how the levies should be imposed, citing a senior government official.
The panel has for weeks been deliberating how it should tax online gaming companies — and whether federal tax should be imposed on only the profits of firms or on the value of the entire pool of money collected from participants.
© Thomson Reuters 2022
New Zealand Plans to Introduce Law to Make Google, Facebook Pay Local Outlets for News
By Reuters | Updated: 5 December 2022
The New Zealand government said it will introduce a law that will require big online digital companies such as Alphabet’s Google and Meta to pay New Zealand media companies for the local news content that appears on their feeds.
Minister of Broadcasting Willie Jackson said in a statement on Sunday that the legislation will be modelled on similar laws in Australia and Canada and he hoped it would act as an incentive for the digital platforms to reach deals with local news outlets.
“New Zealand news media, particularly small regional and community newspapers, are struggling to remain financially viable as more advertising moves online,” Jackson said. “It is critical that those benefiting from their news content actually pay for it.”
The new legislation will go to a vote in parliament where the governing Labour Party’s majority is expected to pass it.
Australia introduced a law in 2021 that gave the government power to make internet companies negotiate content supply deals with media outlets. A review released by the Australian government last week found it largely worked.
The law, which took effect in March 2021 after talks with the big tech firms led to a brief shutdown of Facebook news feeds in Australia, may need to be extended to other online platforms, the review said.
Since the News Media Bargaining Code took effect, the tech firms had inked more than 30 deals with media outlets compensating them for the content which generated clicks and advertising dollars, said the Treasury Department report, published last week.
The report mostly recommended that the government consider new methods of assessing the administration and effectiveness of the law, and did not suggest changing the law itself.
“At least some of these agreements have enabled news businesses to, in particular, employ additional journalists and make other valuable investments to assist their operations,” said the report. “While views on the success or otherwise of the Code will invariably differ, we consider it is reasonable to conclude that the Code has been a success to date.”
© Thomson Reuters 2022
Google CEO Sundar Pichai Pays Tribute to Indian Roots on Being Honoured With Padma Bhushan
By Press Trust of India | Updated: 3 December 2022
“India is a part of me and I carry it with me wherever I go,” Google and Alphabet CEO Sundar Pichai has said, as he received the prestigious Padma Bhushan award from the Indian envoy to the US.
Indian-American Pichai was awarded the Padma Bhushan for 2022 in the Trade and Industry category. The Madurai-born Pichai was named one of the 17 awardees earlier this year.
He received India’s third-highest civilian award in the presence of his close family members in San Francisco on Friday.
“I am deeply grateful to the Indian government and the people of India for this immense honour. It is incredibly meaningful to be honoured in this way by the country that shaped me,” 50-year-old Pichai said while accepting the award from India’s Ambassador to the US, Taranjit Singh Sandhu.
“India is a part of me. I carry it with me wherever I go. (Unlike this beautiful award which I will keep somewhere safe),” he said.
“I was fortunate to grow up in a family that cherished learning and knowledge, with parents who sacrificed a lot to make sure I had opportunities to explore my interests,” Pichai said.
India’s Consul General in San Francisco, T V Nagendra Prasad, was also present during the event.
Sandhu said that Pichai represented the limitless possibilities of technology for transformation.
“He has been making commendable efforts towards making digital tools, and skills accessible to across various segments of the society in different parts of the globe,” he said.
Recalling Prime Minister Narendra Modi’s vision of technology that combines 3Ss – speed, simplicity and service, Sandhu hoped that Google would make full use of the digital revolution happening in India.
Pichai said that it had been amazing to return to India many times over the years to see the rapid pace of technological change.
The innovations created in India are benefitting people around the world – from digital payments to voice technology, he said.
“I look forward to continuing the great partnership between Google and India, as we work together to bring the benefits of technology to more people,” he said.
Businesses are seizing the opportunities for digital transformation, and more people have access to the internet than ever before, including in rural villages, Pichai said.
“Prime Minister Modi’s Digital India vision has certainly been an accelerator for that progress and I’m proud that Google continues to invest in India, partnering with governments, businesses, and communities over two transformative decades,” he said.
“Every new technology that arrived at our doorstep made our lives better. And that experience put me on a path to Google, and the chance to help build technology that improves the lives of people all over the world,” he said.
Pichai said he sees so much opportunity ahead.
On India taking over the G20 presidency, Pichai said: “It’s an amazing opportunity to build consensus on strengthening the global economy by advancing an internet that is open, connected, secure, and works for everyone. That’s a goal we share, and are committed to advancing with you.” India formally assumed the G20 Presidency on Thursday.
“I am grateful for the opportunity to do this work together and bring the benefits of technology to more people,” Pichai said.
Google this year added 24 new languages to its translation service using a new advancement in machine learning. Eight of them are languages native to India.
“It means so much to see how people can access information and knowledge in their preferred language, and see the world open up to them in new ways. That’s why I continue to be so optimistic about technology, and why I believe India can and must continue to lead,” he added.
Microsoft Activision Deal: US FTC Sues to Block $69 Billion Takeover Deal Over Competition Concerns
Twitter Set to Introduce New Controls for Ad Placements to Lure Advertisers Back After Elon Musk Takeover
China-Based APT41 Hacker Group Stole $20 Million Worth of US COVID-19 Relief Funds: Report
India Is Planning to Roll Out 6G Telecom Network by Decade End, 5G to Launch in Few Months: Prime Minister Modi
Hyundai Partners With Tata Power to Set Up Electric Vehicle Charging Infrastructure
India’s 5G Testbed Successfully Tested in IIT Madras, Union Minister Ashwini Vaishnaw Made First 5G Call
Science2 weeks ago
ISRO’s RH200 Sounding Rocket Registers 200th Consecutive Successful Launch
Mobiles2 weeks ago
Huawei, ZTE Sale, Import Banned in US After Being Listed as Threats by FCC
Technology2 weeks ago
OTT Communication Services Should Be Licensed, Compensate Telcos for Data Traffic, COAI Says
Apps2 weeks ago
Zoom Annual Revenue Forecast Lowered Amid Decline in Online Business, Rising Inflation
Mobiles2 weeks ago
iPhone Factory Workers’ Protest: Over 20,000 New Hires Said to Leave Foxconn’s Zhengzhou Plant
Mobiles2 weeks ago
iPhone November Shipments to See Further Decline at Foxconn’s Plant in China
Cryptocurrency3 weeks ago
FTX Launches Strategic Review, Seeks Court Relief to Pay Critical Vendors
Technology2 weeks ago
COAI Seeks Reduction in Licence Fee to 1 Percent, Waiver in Customs Duty for 5G Network Equipment