#FactCheck -Viral Claim That Yogi Adityanath Urged People Not to Watch Shah Rukh Khan’s Films Is Misleading

Executive Summary

The IT giant Apple has alerted customers to the impending threat of "mercenary spyware" assaults in 92 countries, including India. These highly skilled attacks, which are frequently linked to both private and state actors  (such as the NSO Group’s Pegasus spyware), target specific individuals, including politicians, journalists, activists and diplomats. In sharp contrast to consumer-grade malware, these attacks are in a league unto themselves: highly-customized to fit the individual target and involving significant resources to create and use.

As the incidence of such attacks rises, it is important that all persons, businesses, and officials equip themselves with information about how such mercenary spyware programs work, what are the most-used methods, how these attacks can be prevented and what one must do if targeted. Individuals and organizations can begin protecting themselves against these attacks by enabling "Lockdown Mode" to provide an extra layer of security to their devices and by frequently changing passwords and by not visiting the suspicious URLs or attachments. 

Introduction: Understanding Mercenary Spyware

Mercenary spyware is a special kind of spyware that is developed exclusively for law enforcement and government organizations. These kinds of spywares are not available in app stores, and are developed for attacking a particular individual and require a significant investment of resources and advanced technologies. Mercenary spyware hackers infiltrate systems by means of techniques such as phishing (by sending malicious links or attachments), pretexting (by manipulating the individuals to share personal information) or baiting (using tempting offers). They often intend to use Advanced Persistent Threats (APT)  where the hackers remain undetected for a prolonged period of time to steal data by continuous stealthy infiltration of the target’s network. The other method to gain access is through zero-day vulnerabilities, which is the process of gaining access to mobile devices using vulnerabilities existing in software. A well-known example of mercenary spyware includes the infamous Pegasus by the NSO Group.

Actions:  By Apple against Mercenary Spyware

Apple has introduced an advanced, optional protection feature in its newer product versions (including iOS 16, iPadOS 16, and macOS Ventura) to combat mercenary spyware attacks. These features have been provided to the users who are at risk of targeted cyber attacks.

Apple released a statement on the matter, sharing, “mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices. Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent.”

When Apple's internal threat intelligence and investigations detect these highly-targeted attacks, they take immediate action to notify the affected users. The notification process involves:

• Displaying a "Threat Notification" at the top of the user's Apple ID page after they sign in.

• Sending an email and iMessage alert to the addresses and phone numbers associated with the user's Apple ID.
• Providing clear instructions on steps the user should take to protect their devices, including enabling "Lockdown Mode" for the strongest available security.
• Apple stresses that these threat notifications are "high-confidence alerts" - meaning they have strong evidence that the user has been deliberately targeted by mercenary spyware. As such, these alerts should be taken extremely seriously by recipients.

Modus Operandi of Mercenary Spyware

1. Installing advanced surveillance equipment remotely and covertly.

2. Using zero-click or one-click attacks to take advantage of device vulnerabilities.

3. Gain access to a variety of data on the device, including location tracking, call logs, text messages, passwords, microphone, camera, and app information.

4. Installation by utilizing many system vulnerabilities on devices running particular iOS and Android versions.

5. Defense by patching vulnerabilities with security updates (e.g., CVE-2023-41991, CVE-2023-41992, CVE-2023-41993).

6. Utilizing defensive DNS services, non-signature-based endpoint technologies, and frequent device reboots as mitigation techniques.

Prevention Measures: Safeguarding Your Devices

1. Turn on security measures: Make use of the security features that the device maker has supplied, such as Apple's Lockdown Mode, which is intended to prevent viruses of all types from infecting Apple products, such as iPhones.

2. Frequent software upgrades: Make sure the newest security and software updates are installed on your devices. This aids in patching holes that mercenary malware could exploit.

3. Steer clear of misleading connections: Exercise caution while opening attachments or accessing links from unidentified sources. Installing mercenary spyware is possible via phishing links or attachments.

4. Limit app permissions: Reassess and restrict app permissions to avoid unwanted access to private information.

5. Use secure networks: To reduce the chance of data interception, connect to secure Wi-Fi networks and stay away from public or unprotected connections.

6. Install security applications: To identify and stop any spyware attacks, think about installing reliable security programs from reliable sources.

7. Be alert: If Apple or other device makers send you a threat notice, consider it carefully and take the advised security precautions.

8. Two-factor authentication: To provide an extra degree of protection against unwanted access, enable two-factor authentication (2FA) on your Apple ID and other significant accounts.

9. Consider additional security measures: For high-risk individuals, consider using additional security measures, such as encrypted communication apps and secure file storage services

Way Forward: Strengthening Digital Defenses, Strengthening Democracy

People, businesses and administrations must prioritize cyber security measures and keep up with emerging dangers as mercenary spyware attacks continue to develop and spread. To effectively address the growing threat of digital espionage, cooperation between government agencies, cybersecurity specialists, and technology businesses is essential.

In the Indian context, the update carries significant policy implications and must inspire a discussion on legal frameworks for government surveillance practices and cyber security protocols in the nation. As the public becomes more informed about such sophisticated cyber threats, we can expect a greater push for oversight mechanisms and regulatory protocols. The misuse of surveillance technology poses a significant threat to individuals and institutions alike. Policy reforms concerning surveillance tech must be tailored to address the specific concerns of the use of such methods by state actors vs. private players. 

There is a pressing need for electoral reforms that help safeguard democratic processes in the current digital age. There has been a paradigm shift in how political activities are conducted in current times: the advent of the digital domain has seen parties and leaders pivot their campaigning efforts to favor the online audience as enthusiastically as they campaign offline. Given that this is an election year, quite possibly the most significant one in modern Indian history, digital outreach and online public engagement are expected to be at an all-time high. And so, it is imperative to protect the electoral process against cyber threats so that public trust in the legitimacy of India’s democratic is rewarded and the digital domain is an asset, and not a threat, to good governance.

‍

Introduction

On the precipice of a new domain of existence, the metaverse emerges as a digital cosmos, an expanse where the horizon is not sky, but a limitless scope for innovation and imagination. It is a sophisticated fabric woven from the threads of social interaction, leisure, and an accelerated pace of technological progression. This new reality, a virtual landscape stretching beyond the mundane encumbrances of terrestrial life, heralds an evolutionary leap where the laws of physics yield to the boundless potential inherent in our creativity. Yet, the dawn of such a frontier does not escape the spectre of an age-old adversary—financial crime—the shadow that grows in tandem with newfound opportunity, seeping into the metaverse, where crypto-assets are no longer just an alternative but the currency du jour, dazzling beacons for both legitimate pioneers and shades of illicit intent.

The metaverse, by virtue of its design, is a canvas for the digital repaint of society—a three-dimensional realm where the lines between immersive experiences and entertainment blur, intertwining with surreal intimacy within this virtual microcosm. Donning headsets like armor against the banal, individuals become avatars; digital proxies that acquire the ability to move, speak, and perform an array of actions with an ease unattainable in the physical world. Within this alternative reality, users navigate digital topographies, with experiences ranging from shopping in pixelated arcades to collaborating in virtual offices; from witnessing concerts that defy sensory limitations to constructing abodes and palaces from mere codes and clicks—an act of creation no longer beholden to physicality but to the breadth of one's ingenuity.

The Crypto Assets

The lifeblood of this virtual economy pulsates through crypto-assets. These digital tokens represent value or rights held on distributed ledgers—a technology like blockchain, which serves as both a vault and a transparent tapestry, chronicling the pathways of each digital asset. To hop onto the carousel of this economy requires a digital wallet—a storeroom and a gateway for acquisition and trade of these virtual valuables. Cryptocurrencies, with NFTs—Non-fungible Tokens—have accelerated from obscure digital curios to precious artifacts. According to blockchain analytics firm Elliptic, an astonishing figure surpassing US$100 million in NFTs were usurped between July 2021 and July 2022. This rampant heist underlines their captivating allure for virtual certificates. Empowers do not just capture art, music, and gaming, but embody their very soul.

Yet, as the metaverse burgeons, so does the complexity and diversity of financial transgressions. From phishing to sophisticated fraud schemes, criminals craft insidious simulacrums of legitimate havens, aiming to drain the crypto-assets of the unwary. In the preceding year, a daunting figure rose to prominence—the vanishing of US$14 billion worth of crypto-assets, lost to the abyss of deception and duplicity. Hence, social engineering emerges from the shadows, a sort of digital chicanery that preys not upon weaknesses of the system, but upon the psychological vulnerabilities of its users—scammers adorned in the guise of authenticity, extracting trust and assets with Machiavellian precision.

The New Wave of Fincrimes 

Extending their tentacles further, perpetrators of cybercrime exploit code vulnerabilities, engage in wash trading, obscuring the trails of money laundering, meander through sanctions evasion, and even dare to fund activities that send ripples of terror across the physical and virtual divide. The intricacies of smart contracts and the decentralized nature of these worlds, designed to be bastions of innovation, morph into paths paved for misuse and exploitation. The openness of blockchain transactions, the transparency that should act as a deterrent, becomes a paradox, a double-edged sword for the law enforcement agencies tasked with delineating the networks of faceless adversaries.

Addressing financial crime in the metaverse is Herculean labour, requiring an orchestra of efforts—harmonious, synchronised—from individual users to mammoth corporations, from astute policymakers to vigilant law enforcement bodies. Users must furnish themselves with critical awareness, fortifying their minds against the siren calls that beckon impetuous decisions, spurred by the anxiety of falling behind. Enterprises, the architects and custodians of this digital realm, are impelled to collaborate with security specialists, to probe their constructs for weak seams, and to reinforce their bulwarks against the sieges of cyber onslaughts. Policymakers venture onto the tightrope walk, balancing the impetus for innovation against the gravitas of robust safeguards—a conundrum played out on the global stage, as epitomised by the European Union's strides to forge cohesive frameworks to safeguard this new vessel of human endeavour.

The Austrian Example 

Consider the case of Austria, where the tapestry of laws entwining crypto-assets spans a gamut of criminal offences, from data breaches to the complex webs of money laundering and the financing of dark enterprises. Users and corporations alike must become cartographers of local legislation, charting their ventures and vigilances within the volatile seas of the metaverse.

Upon the sands of this virtual frontier, we must not forget: that the metaverse is more than a hive of bits and bandwidth. It crystallises our collective dreams, echoes our unspoken fears, and reflects the range of our ambitions and failings. It stands as a citadel where the ever-evolving quest for progress should never stray from the compass of ethical pursuit. The cross-pollination of best practices, and the solidarity of international collaboration, are not simply tactics—they are imperatives engraved with the moral codes of stewardship, guiding us to preserve the unblemished spirit of the metaverse.

Conclusion

The clarion call of the metaverse invites us to venture into its boundless expanse, to savour its gifts of connection and innovation. Yet, on this odyssey through the pixelated constellations, we harness vigilance as our star chart, mindful of the mirage of morality that can obfuscate and lead astray. In our collective pursuit to curtail financial crime, we deploy our most formidable resource—our unity—conjuring a bastion for human ingenuity and integrity. In this, we ensure that the metaverse remains a beacon of awe, safeguarded against the shadows of transgression, and celebrated as a testament to our shared aspiration to venture beyond the realm of the possible, into the extraordinary.

References 

• https://www.wolftheiss.com/insights/financial-crime-in-the-metaverse-is-real/ 
• https://gnet-research.org/2023/08/16/meta-terror-the-threats-and-challenges-of-the-metaverse/
• https://shuftipro.com/blog/the-rising-concern-of-financial-crimes-in-the-metaverse-aml-screening-as-a-solution/

‍

Introduction

Intricate and winding are the passageways of the modern digital age, a place where the reverberations of truth effortlessly blend, yet hauntingly contrast, with the echoes of falsehood. The latest thread in this fabric of misinformation is a claim that has scurried through the virtual windows of social media platforms, gaining the kind of traction that is both revelatory and alarming of our times. It is a narrative that speaks to the heart of India's cultural and religious fabric—the construction of the Ram Temple in Ayodhya, a project enshrined in the collective consciousness of a nation and steeped in historical significance.

The claim in question, a spectre of misinformation, suggests that the Ram Temple's construction has been covertly shifted 3 kilometres from its original, hallowed ground—the birthplace, as it were, of Lord Ram. This assertion, which spread through the echo chambers of social media, has been bolstered by a screenshot of Google Maps, a digital cartographer that has accidentally become a pawn in this game of truth and deception. The image purports to showcase the location of Ram Mandir as distinct and distant from the site where the Babri Masjid once stood, a claim went viral on social media and has caught the public's reactions.

The Viral Tempest 

In the face of such a viral tempest, IndiaTV's fact-checking arm, IndiaTVFactCheck, has stepped into the fray, wielding the sword of veracity against the Goliath of falsehood. Their investigation into this viral claim was meticulous, a deep dive into the digital representations that have fueled this controversy. Upon examining the viral Google Maps screenshot, they noticed markings at two locations: one labelled as Shri Ram Janmabhoomi Temple and the other as Babri Masjid. The latter, upon closer inspection and with the aid of Google's satellite prowess, was revealed to be the Shri Sita-Ram Birla Temple, a place of worship that stands in quiet dignity, far removed from the contentious whispers of social media.

The truth, as it often does, lay buried beneath layers of user-generated content on Google Maps, where the ability to tag any location with a name has sometimes led to the dissemination of incorrect information. This can be corrected, of course, but not before it has woven itself into the fabric of public discourse. The fact-check by IndiaTV revealed that the location mentioned in the viral screenshot is, indeed, the Shri Sita-Ram Birla Temple and the Ram Temple is being constructed at its original, intended site.

This revelation is not merely a victory for truth over falsehood but also a testament to the resilience of facts in the face of a relentless onslaught of misinformation. It is a reminder that the digital realm, for all its wonders, is also a shadowy theatre where narratives are constructed and deconstructed with alarming ease. The very basis of all the fake narratives that spread around significant events, such as the consecration ceremony of the Ram Temple, is the manipulation of truth, the distortion of reality to serve nefarious ends of spreading misinformation.

Fake Narratives; Misinformation

Consider the elaborate fake narratives spun around the ceremony, where hours have been spent on the internet building a web of deceit. Claims such as 'Mandir wahan nahin banaya gaya' (The temple is not being built at the site of the demolition) and the issuance of new Rs 500 notes for the Ram Mandir were some pieces of misinformation that went viral on social media amid the preparations for the consecration ceremony. These repetitive claims, albeit differently worded, were spread to further a single narrative on the internet, a phenomenon that a study published in Nature said could be attributed to people taking some peripheral cues as signals for truth, which can increase with repetition.

The misinformation incidents surrounding the Ram Temple in Ayodhya are a microcosm of the larger battle between truth and misinformation. The false claims circulating online assert that the ongoing construction is not taking place at the original Babri Masjid site but rather 3 kilometres away. This misinformation, shared widely on social media has been debunked upon closer examination. The claim is based on a screenshot of Google Maps showing two locations: the construction site of the Shri Ram Janmabhoomi Temple and another spot labeled 'Babar Masjid permanently closed' situated 3 kilometers away. The assertion questions the legitimacy of demolishing the Babri Masjid if the temple is being built elsewhere. However, a thorough fact-check reveals the claim to be entirely unfounded.

Deep Scrutiny

Upon scrutiny, the screenshot indicates that the second location marked as 'Babar Masjid' is, in fact, the Sita-Ram Birla Temple in Ayodhya. This is verified by comparing the Google Maps satellite image with the actual structure of the Birla Temple. Notably, the viral screenshot misspells 'Babri Masjid' as 'Babar Masjid,' casting doubt on its credibility. Satellite images from Google Earth Pro clearly depict the construction of a temple-like structure at the precise coordinates of the original Babri Masjid demolition site (26°47'43.74'N 82°11'38.77'E). Comparing old and new satellite images further confirms that major construction activities began in 2011, aligning with the initiation of the Ram Temple construction.

Moreover, existing photographs of the Babri Masjid, though challenging to precisely match, share essential structural elements with the current construction site, reinforcing the location as the original site of the mosque. Hence the viral claim that the Ram Temple is being constructed 3 kilometers away from the Babri Masjid site is indubitably false. Evidence from historical photographs, satellite images and google images conclusively refute this misinformation, attesting that the temple construction is indeed taking place at the same location as the original Babri Masjid.

Viral Misinformation: A false claim based on a misleading Google Maps screenshot suggests the Ram Temple construction in Ayodhya has been covertly shifted 3 kilometres away from its original Babri Masjid site.

Fact Check Revealed: IndiaTVFactCheck debunked the misinformation, confirming that the viral screenshot actually showed the Shri Sita-Ram Birla Temple, not the Babri Masjid site. The Ram Temple is indeed being constructed at its original, intended location, exposing the falsehood of the claim.

Conclusion 

The case of the Ram Temple is a pitiful reminder of the power of misinformation and the significance of fact-checking in preserving the integrity of truth. It is a clarion call to question, to uphold the integrity of facts in a world increasingly stymied in the murky waters of falsehoods. Widespread misinformation highlights the critical role of fact-checking in dispelling false narratives. It serves as a reminder of the ongoing battle between truth and misinformation in the digital age, emphasising the importance of upholding the integrity of facts for a more informed society. 

References 

• https://www.indiatvnews.com/fact-check/fact-check-is-ram-temple-being-built-3-km-away-from-the-birthplace-here-truth-behind-viral-claim-2024-01-19-912633
• https://www.thequint.com/news/webqoof/misinformation-spread-around-events-ayodhya-ram-mandir-g20-elections-bharat-jodo-yatra

‍