#FactCheck -AI-Generated Image Falsely Linked to Kotdwar Shop Controversy

Introduction

CyberPeace Chronicles is a one-stop for the latest edition of news, updates, and findings in global cyberspace. As we step into the cyberage, it is pertinent that we need to incorporate cybersecurity practices in our day-to-day activities. From laptops to automated homes and cars, we are all surrounded by technology in some form or another. Thus, with the increased dependency, we need to eradicate the scope of vulnerabilities and threats around us and create robust and sustainable safety mechanisms for us and future generations. 

‍

What, When and How? 

• WIN-RAR Update: CVE-2023-33831, a serious vulnerability, was identified in WinRAR versions prior to 6.23 in April 2023. When users attempted to access seemingly harmless files inside ZIP archives, this vulnerability allowed attackers to run arbitrary code. Cybercriminals transmitted malware families like DarkMe, GuLoader, and Remcos RAT by taking advantage of this vulnerability. It is essential to update WinRAR to version 6.23 or later in order to protect your computer and your data. Follow the following steps to secure your device -

• Checking Your Current WinRAR Version
• Downloading the Latest WinRAR Version
• Installing the Updated WinRAR
• Completing the Installation
• Verifying the Update 
• Cleaning Up 

• Indonesian Hacker Groups Target Indian Digital Infrastructure: As India geared up to host the G20 delegation as part of the Leadership Summit, various reports pointed towards different forms and intensity-based cyber attacks on Indian organisations and digital infrastructure. Tech firms in India have been successful in tracing the origination of the attacks to be from Indonesia. It is believed that hacker groups backed by anti-India elements have been trying to target the digital resources of India. Organisations and central agencies like Computer Emergency Response Team (CERT-In), National Critical Information Infrastructure Protection Centre (NCIIPC), I4C (Indian Cybercrime Coordination Centre), Delhi Police, Intelligence Bureau (IB), Research and Analysis Wing (R&AW), National Investigation Agency (NIA) and Central Bureau of Investigation (CBI) have constantly been working in keeping the Digital interests of India safe and secure, and with the ongoing G20 summit, it is very pertinent to be mindful of potential threats prevailing to prepare counter tactics for the same. 
• CLOP Ransomware: The CL0P ransomware is thought to have initially surfaced in 2019 and was developed by a cybercriminal organisation that spoke Russian. The threat actor FIN11 (also known as TA505 and Snakefly), who is notorious for being financially driven, is frequently connected to the CL0P ransomware, which had its roots at the beginning of 2019. By utilising this technique, CL0P has targeted businesses utilising the "Accellion FTA" file transfer appliance's vulnerable version. Accordingly, it has been asserted that the following vulnerabilities have been used to access victim data and maybe switch to victim networks. Numerous well-publicized attacks carried out by CL0P have had an impact on organisations all across the world. Especially for Managed File Transfer (MFT) programmes, the CL0P performers are well known for their talent in developing zero-day vulnerabilities. The gang went after Accellion File Transfer Appliance (FTA) devices in both 2020 and 2021, then early in 2023, they went after Fortran/Linoma GoAnywhere MFT servers, and then later in June, they went after MOVEit transfer deployments. Up to 500 organisations are thought to have been harmed by this aggressive operation. Some of the ways to mitigate the risk are as follows: 

• Regular Software Updates: Updating programmes and systems helps prevent known security flaws that fraudsters frequently exploit.
• Employee Training: Employee training can significantly lower the likelihood of successful penetration by educating staff members about phishing scams and safe internet conduct.
• Network Segmentation: By separating networks and restricting lateral movement, a ransomware attack's potential effects can be reduced.
• Regular Data backups: Data backups can lessen the effects of encryption and deter payment by regularly backing up data and storing it offsite.
• Security solutions: Putting in place effective cybersecurity measures like firewalls, intrusion detection systems, and cutting-edge endpoint protection can greatly improve an organisation's defences.

• Increased scrutiny for SIM card vendors: As phishing and smishing scams are on the rise in India, the Telecom Regulatory Authority of India (TRAI) has repeatedly issued notifications and consultation papers to address this growing concern. Earlier this year, TRAI notified that promotional calling will not be continued from 10-digit personal numbers. Instead, companies will now have to take authorised 9-digit numbers for promotional calls and SMSs. Similarly, to increase the efficiency of the same, TRAI has laid down that all the SIM card vendors will now have to be verified again, and any discrepancy found against any of the vendors will lead to blacklisting and penal actions against the vendor. 

‍

Conclusion

In conclusion, the digital landscape in 2023 is rife with both opportunities and challenges. The recent discovery of a critical vulnerability in WinRAR underscores the importance of regularly updating software to protect against malicious attacks. It is imperative for users to follow the provided steps to secure their devices and safeguard their data. Furthermore, the cyber threat landscape continues to evolve, with Indonesian hacker groups targeting Indian digital infrastructure, particularly during significant events like the G20 summit. Indian organisations and cybersecurity agencies are working diligently to defend against these threats and ensure the security of digital assets. The emergence of ransomware attacks, exemplified by the CL0P ransomware, serves as a stark reminder of the need for robust cybersecurity measures. Regular software updates, employee training, network segmentation, data backups, and advanced security solutions are crucial components of a comprehensive defence strategy against ransomware and other cyber threats. Additionally, the Telecom Regulatory Authority of India's efforts to enhance security in the telecommunications sector, such as stricter verification of SIM card vendors, demonstrate a proactive approach to addressing the rising threat of phishing and smishing scams. In this dynamic digital landscape, staying informed and implementing proactive cybersecurity measures is essential for individuals, organisations, and nations to protect their digital assets and maintain a secure online environment. Vigilance, collaboration, and ongoing adaptation are key to meeting the challenges posed by cyber threats in 2023 and beyond.

‍

Executive Summary:

A morphed video of the actor Anup Soni popular on social media promoting IPL betting Telegram channel is found to be fake. The audio in the morphed video is produced through AI voice cloning. AI manipulation was identified by AI detection tools and deepfake analysis tools. In the original footage Mr Soni explains a case of crime, a part of the popular show Crime Patrol which is unrelated to betting.  Therefore, it is important to draw the conclusion that Anup Soni is in no way associated with the betting channel.

‍

Claims:

The facebook post claims the IPL betting Telegram channel which belongs to Rohit Khattar is promoted by Actor Anup Soni.

Fact Check:

Upon receiving the post, the CyberPeace Research Team closely analyzed the video and found major discrepancies which are mostly seen in AI-manipulated videos. The lip sync of the video does not match the audio. Taking a cue from this we analyzed using a Deepfake detection tool by True Media. It is found that the voice of the video is 100% AI-generated. 

We then extracted the audio and checked in an audio Deepfake detection tool named Hive Moderation. Hive moderation found the audio to be 99.9% AI-Generated.

‍

We then divided the video into keyframes and reverse searched one of the keyframes and found the original video uploaded by the YouTube channel named LIV Crime.

Upon analyzing we found that in the 3:18 time frame the video was edited, and altered with an AI voice.

‍

Hence, the viral video is an AI manipulated video and it’s not real. We have previously debunked such AI voice manipulation with different celebrities and politicians to misrepresent the actual context. Netizens must be careful while believing in such AI manipulation videos.

Conclusion:

In conclusion, the viral video claiming that  IPL betting Telegram channel promotion by actor Anup Soni is false. The video has been manipulated using AI voice cloning technology, as confirmed by both the Hive Moderation AI detector and the True Media AI detection tool. Therefore, the claim is baseless and misleading.

• Claim:  An IPL betting Telegram channel belonging to Rohit Khattar promoted by Actor Anup Soni.
• Claimed on: Facebook
• Fact Check: Fake & Misleading

Executive Summary:

‍

A video circulating on social media falsely claims that India’s Finance Minister, Smt. Nirmala Sitharaman, has endorsed an investment platform promising unusually high returns. Upon investigation, it was confirmed that the video is a deepfake—digitally manipulated using artificial intelligence. The Finance Minister has made no such endorsement through any official platform. This incident highlights a concerning trend of scammers using AI-generated videos to create misleading and seemingly legitimate advertisements to deceive the public.

‍

Claim:

‍

A viral video falsely claims that the Finance Minister of India Smt. Nirmala Sitharaman is endorsing an investment platform, promoting it as a secure and highly profitable scheme for Indian citizens. The video alleges that individuals can start with an investment of ₹22,000 and earn up to ₹25 lakh per month as guaranteed daily income.

‍

‍

‍

Fact check:

‍

By doing a reverse image search from the key frames of the viral fake video we found an original YouTube clip of the Finance Minister of India delivering a speech on the webinar regarding 'Regulatory, Investment and EODB reforms'. Upon further research we have not found anything related to the viral investment scheme in the whole video.  

The manipulated video has had an AI-generated voice/audio and scripted text injected into it to make it appear as if she has approved an investment platform. 

‍

‍

The key to deepfakes is that they seem relatively realistic in their facial movement; however, if you look closely, you can see that there are mismatched lip-syncing and visual transitions that are out of the ordinary, and the results prove our point. 

‍

‍

Also, there doesn't appear to be any acknowledgment of any such endorsement from a legitimate government website or a credible news outlet. This video is a fabricated piece of misinformation to attempt to scam the viewers by leveraging the image of a trusted public figure.

‍

Conclusion:

‍

The viral video showing the Finance Minister of India, Smt. Nirmala Sitharaman promoting an investment platform is fake and AI-generated. This is a clear case of deepfake misuse aimed at misleading the public and luring individuals into fraudulent schemes. Citizens are advised to exercise caution, verify any such claims through official government channels, and refrain from clicking on unknown investment links circulating on social media.

• Claim: Nirmala Sitharaman promoted an investment app in a viral video.
• Claimed On: Social Media
• Fact Check: False and Misleading

‍