#FactCheck -Viral Humanoid Robot Video Actually Filmed at the Museum of the Future

Introduction

A new dawn in the realm of cyber security and criminal justice is on the horizon. Maharashtra's Deputy Chief Minister, Devendra Fadnavis, has recently announced the advent of the country's most sophisticated cyber lab—a bastion against the dark arts of cybercrime. This announcement, made with the gravitas befitting a statesman, was not merely a bureaucratic note; it was a clarion call to a future where technology and law converge to create a safer society.

The cyber lab, poised to be the largest and most modern of its kind, is not just a facility—it is a symbol of the state's commitment to harnessing the power of technology in the ceaseless battle against crime. Fadnavis, who also holds the state's home portfolio, underscored the significance of this initiative during a function where he also emphasised the need for the Maharashtra police to brace themselves for the enforcement of three transformative criminal laws set to take effect from the first of July 2024.

In compliance with the New Laws

These laws—the Bharatiya Nyaya Sanhita, the Bharatiya Nagarik Suraksha Sanhita, and the Bharat Sakshya Act—They are not mere statutory texts; they are the architects of a new edifice of criminal justice, designed with the mortar of modern electronic and technical evidence to buttress the conviction rates and fortify the legal system.

At the inauguration of the Evidence Management Centre (EMC) and the Evidence Dispatch Van (EDV) in Navi Mumbai, Fadnavis spoke with an air of prescience about the radical shifts these new acts will engender. The EMC, a paragon of innovation with its no-human-intervention ethos, is set to revolutionise the procedure of handling evidence, thereby amplifying the likelihood of securing convictions in an era increasingly marred by cyber frauds and hacking escapades.

Recent Trend

The Deputy Chief Minister's vision extends beyond the present, into a realm where blockchain technology becomes an ally of law enforcement, rendering evidence tampering an obsolete concern. Under the new legislative framework, expert collection of evidence is mandated for crimes with sentences exceeding seven years, a move that underscores the gravity with which digital and electronic evidence is now regarded.

The Cyber Lab

The Navi Mumbai police Commissionerate stands as the vanguard of this new legal era, being the first in the country to align with the upcoming laws. As digital transactions burgeon, so too does the evil of cybercrime. Fadnavis assures us that the cyberlaw, a veritable nexus of modernity, will bring together banks, non-banking financial companies (NBFCs), and social media platforms on a unified platform to detect and thwart crimes with alacrity.

This announcement was made in the presence of Maharashtra's Director General of Police, Rashmi Shukla, and Navi Mumbai's police commissioner, Milind Bharambe, both of whom are key figures in the conception of this project. Their attendance shows the collective resolve of Maharashtra's law enforcement to elevate its capabilities in cybercrime prevention.

Conclusion

The establishment of this cyber lab is a vivid thread woven with the intent to protect the digital integrity of its citizens. It is a testament to the state's foresight and its unwavering commitment to staying abreast of the evolving landscape of crime and technology. As we stand on the cusp of this new era, we are reminded that the fight against crime is perennial, but with such pioneering initiatives, victory is not just a possibility—it is an inevitability.

References

• https://indianexpress.com/article/cities/mumbai/navi-mumbai-cyber-lab-criminal-laws-fadnavis-9206801/
• https://www.the420.in/why-maharashtras-new-cyber-lab-could-be-a-game-changer-for-national-security/
• https://apacnewsnetwork.com/2024/03/navi-mumbai-to-host-indias-most-advanced-crime-busting-lab-boosting-conviction-rates-maharashtra-deputy-cm-fadnavis-announces/

‍

Executive Summary

A misleading  advertisement circulating in social media providing attractive offers like iPhone15, AirPods and Smartwatches from the Indian e-commerce platform ‘Myntra’. This “Myntra - Festival Gifts” scam aims to attract the unsuspecting users into a series of redirects and fake interactions to compromise their personal information and devices. It is important to stay vigilant to protect ourselves from misleading attractive offers. Through this report, the Research Wing of CyberPeace explains about a series of processes that happens when the link gets clicked. Through this knowledge, we aim to provide awareness and empower the users to guard themselves and not fall into deceptive offers that aim to scam them.   

False Claim

The widely shared WhatsApp message claims that Myntra  is offering a wide range of high-valued prizes including the latest iPhone 15, AirPods, various smartwatches among all as a Festival Gift promotion. The campaign invites the users to click on the link provided and take a short quiz to be eligible for the prize.

‍

The Deceptive Scheme

• The link in the social media post is tailored to work only on mobile devices, users are taken through a chain of redirects.
• Users are greeted with the Myntra's "Big Fashion Festival" branding accompanied by Myntra’s logo once they reach the landing page, which gives an impression of authenticity.
• Next, a simple quiz asks basic questions about the user's shopping experience with Myntra, their age, and gender.
• On the bottom of the quiz, there is a comment section that shows the comments from users who are supposedly provided with the prizes to look real,  
• After the completion of the quiz, users are presented with a Spin-to-Win mechanism, to win the prize. 
• After winning, a congratulatory message is displayed which says that the user has won an iPhone 15.
• The final step requires the user to share the campaign over WhatsApp in order to claim the prize.

 Analyzing the Fraudulent Campaign 

• The use of Myntra's branding and the promise of exclusive, high-value prizes are designed to attract  users' interest.
• The fake comments and social proof elements aim to create a false sense of legitimacy and widespread participation, making the offer seem more credible.
• The series of redirects, quizzes, and Spin-to-Win mechanics are tactics to keep users engaged and increase the likelihood of them falling for the scam.
• The final step of sharing the post on WhatsApp is a way for the scammers to further spread the campaign and compromise more victims. Through sharing the link over WhatsApp, users become unaware accomplices that are simply assisting the scammers to reach an even bigger audience and hence their popularity.

• The primary objectives of such scams are to gather users' personal information and potentially gain access to their devices. By luring users with the promise of exclusive gifts and creating a false sense of legitimacy, the scammers aim to exploit user trust and compromise their data, leading to potential identity theft, financial fraud, or the installation of potentially unwanted softwares.
• We have also cross-checked and as of now there is no well established and credible source or any official notification that has confirmed such an offer advertised by Myntra.
• Domain Analysis: If we closely look at the viral message, it is clearly visible that the scammers mentioned myntra.com in the url. However, the actual url takes the user to a different domain as the campaign is hosted on a third party domain instead of the official Website of Myntra, this raised suspicion. This is the common way to deceive users into falling for a Phishing scam. Whois information reveals that the domain has been registered not long ago i.e on 8th April 2024, just a few days back. Cybercriminals used Cloudflare technology to mask the actual IP address of the fraudulent website.

• Domain Name: MYTNRA.CYOU
• Registry Domain ID: D445770144-CNIC
• Registrar WHOIS Server: whois.hkdns.hk
• Registrar URL: http://www.hkdns.hk
• Updated Date: 2024-04-08T03:27:58.0Z
• Creation Date: 2024-04-08T02:58:14.0Z
• Registry Expiry Date: 2025-04-08T23:59:59.0Z
• Registrar: West263 International Limited
• Registrant State/Province: Delhi
• Registrant Country: IN
• Name Server: NORMAN.NS.CLOUDFLARE.COM
• Name Server: PAM.NS.CLOUDFLARE.COM

‍CyberPeace Advisory and Best Practices‍

• Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
• Falling prey to such scams could compromise your entire system, potentially granting unauthorized access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
• Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
• Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
• For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.

Conclusion:

The “Myntra - Festival Gift” scam is a kind of manipulation in which the fraudsters exploit the trust of the users and take advantage of a popular e-commerce website. It is equally crucial to equip the users by imparting them knowledge on fraudulent behavior tactics like impersonating brands, creating fake social proof and application of different engagement strategies. We are required to remain alert and stand firm against cyber attacks. Be careful, make sure that information is verified and share awareness to help make a safe online environment for all users.

‍

Introduction

The digital realm is evolving at a rapid pace, revolutionising cyberspace at a breakneck speed. However, this dynamic growth has left several operational and regulatory lacunae in the fabric of cyberspace, which are exploited by cybercriminals for their ulterior motives. One of the threats that emerged rapidly in 2024 is proxyjacking, in which vulnerable systems are exploited by cyber criminals to sell their bandwidth to third-party proxy servers. This cyber threat poses a significant threat to organisations and individual servers. 

Proxyjacking is a kind of cyber attack that leverages legit bandwidth sharing services such as Peer2Profit and HoneyGain. These are legitimate platforms but proxyjacking occurs when such services are exploited without user consent. These services provide the opportunity to monetize their surplus internet bandwidth by sharing with other users. The model itself is harmless but provides an avenue for numerous cyber hostilities.  The participants install net-sharing software and add the participating system to the proxy network, enabling users to route their traffic through the system. This setup intends to enhance privacy and provide access to geo-locked content. 

The Modus Operandi

These systems are hijacked by cybercriminals, who sell the bandwidth of infected devices. This is achieved by establishing Secure Shell (SSH) connections to vulnerable servers. While hackers rarely use honeypots to render elaborate scams, the technical possibility of them doing so cannot be discounted. Cowrie Honeypots, for instance, are engineered to emulate UNIX systems. Attackers can use similar tactics to gain unauthorized access to poorly secured systems. Once inside the system, attackers utilise legit tools such as public docker images to take over proxy monetization services. These tools are undetectable to anti-malware software due to being genuine software in and of themselves. Endpoint detection and response (EDR) tools also struggle with the same threats.

The Major Challenges 

Limitation Of Current Safeguards – current malware detection software is unable to distinguish between malicious and genuine use of bandwidth services, as the nature of the attack is not inherently malicious. 

Bigger Threat Than Crypto-Jacking – Proxyjacking poses a bigger threat than cryptojacking, where systems are compromised to mine crypto-currency. Proxyjacking uses minimal system resources rendering it more challenging to identify. As such, proxyjacking offers perpetrators a higher degree of stealth because it is a resource-light technique, whereas cryptojacking can leave CPU and GPU usage footprints.

Role of Technology in the Fight Against Proxyjacking

Advanced Safety Measures- Implementing advanced safety measures is crucial in combating proxyjacking. Network monitoring tools can help detect unusual traffic patterns indicative of proxyjacking. Key-based authentication for SSH can significantly reduce the risk of unauthorized access, ensuring that only trusted devices can establish connections. Intrusion Detection Systems and Intrusion Prevention Systems can go a long way towards monitoring unusual outbound traffic.

Robust Verification Processes- sharing services must adopt robust verification processes to ensure that only legitimate users are sharing bandwidth. This could include stricter identity verification methods and continuous monitoring of user activities to identify and block suspicious behaviour. 

Policy Recommendations

Verification for Bandwidth Sharing Services – Mandatory verification standards should be enforced for bandwidth-sharing services, including stringent Know Your Customer (KYC) protocols to verify the identity of users. A strong regulatory body would ensure proper compliance with verification standards and impose penalties. The transparency reports must document the user base, verification processes and incidents. 

Robust SSH Security Protocols – Key-based authentication for SSH across organisations should be mandated, to neutralize the risk of brute force attacks. Mandatory security audits of SSH configuration within organisations to ensure best practices are complied with and vulnerabilities are identified will help. Detailed logging of SSH attempts will streamline the process of identification and investigation of suspicious behaviour. 

Effective Anomaly Detection System – Design a standard anomaly detection system to monitor networks. The industry-wide detection system should focus on detecting inconsistencies in traffic patterns indicating proxy-jacking. Establishing mandatory protocols for incident reporting to centralised authority should be implemented. The system should incorporate machine learning in order to stay abreast with evolving attack methodologies.

Framework for Incident Response – A national framework should include guidelines for investigation, response and remediation to be followed by organisations. A centralized database can be used for logging and tracking all proxy hacking incidents, allowing for information sharing on a real-time basis. This mechanism will aid in identifying emerging trends and common attack vectors. 

Whistleblower Incentives – Enacting whistleblower protection laws will ensure the proper safety of individuals reporting proxyjacking activities. Monetary rewards provide extra incentives and motivate individuals to join whistleblowing programs. To provide further protection to whistleblowers, secure communication channels can be established which will ensure full anonymity to individuals. 

Conclusion

Proxyjacking represents an insidious and complicated threat in cyberspace. By exploiting legitimate bandwidth-sharing services, cybercriminals can profit while remaining entirely anonymous. Addressing this issue requires a multifaceted approach, including advanced anomaly detection systems, effective verification systems, and comprehensive incident response frameworks. These measures of strong cyber awareness among netizens will ensure a healthy and robust cyberspace. 

References 

• https://gridinsoft.com/blogs/what-is-proxyjacking/
• https://www.darkreading.com/cyber-risk/ssh-servers-hit-in-proxyjacking-cyberattacks
• https://therecord.media/hackers-use-log4j-in-proxyjacking-scheme

‍