#FactCheck: Debunking the Edited Image Claim of PM Modi with Hafiz Saeed

WhatsApp messages masquerading as an offer from Maruti Suzuki with links luring unsuspecting users with the promise of Maruti Suzuki 40th Anniversary Celebration presents, have been making the rounds on the app. If you receive such messages try to stay away from it, as it can be a scam.

The Research Wing of CyberPeace Foundation along with Autobot Infosec Private Limited have conducted a study based on a WhatsApp message that contained a link pretending to be a free gift offer from Maruti Suzuki which asks users to participate in a survey in order to get a chance to win a Maruti Baleno Sigma MT car.

Warning SignsThe campaign pretends to be an offer from Maruti Suzuki but is hosted on a third party domain instead of the official Maruti Suzuki website which makes it more suspicious.

The domain names associated with the campaign have been registered in very recent times.

Multiple redirections have been noticed between the links.

No reputed site would ask its users to share the campaign on WhatsApp.

The prize is kept really attractive to lure the laymen.

Grammatical mistakes have been noticed.

A congratulations message appears on the landing page with an attractive photo of Maruti Suzuki cars that asks users to participate in a quick survey in order to get a “Maruti Suzuki BALENO Sigma MT”. Also, the bottom of the page seems to appear like a comment section with public comments establishing the truthfulness of the offer.

The survey starts with some basic questions like Do you know Maruti Suzuki?, How old are you?, How do you think of Maruti Suzuki?, Are you male or female? Etc. Once the user answers the questions a “congratulatory message” is displayed.

On clicking the OK button users are given three attempts to win the prize. After completing all the attempts a message pops up that the user has won “Maruti Suzuki BALENO Sigma MT”. It then prompts the user to share the message on WhatsApp.

Strangely enough the user has to keep clicking the WhatsApp button until the progress bar completes. After clicking on the green ‘WhatsApp’ button multiple times it shows a section where an instruction has been given to complete registration in order to get the prize.

After clicking on the green ‘Complete registration’ button, it redirects the user to multiple advertisements web pages varying each time the user clicks on the button.

During the analysis the research team found a javascript code called hm.js was being executed in the background from the host hm[.]baidu[.]com which is a subdomain of Baidu and is used for Baidu Analytics, also known as Baidu Tongji. The important part is that Baidu is a Chinese multinational technology company specializing in Internet-related services, products and artificial intelligence, headquartered in Beijing’s Haidian district, China.To read the full report, please click (https://www.cyberpeace.org/CyberPeace/Repository/20210828Research-report-on-Maruti-Suzuki-40th-Anniversary-Celebration-free-gift-scam.pdf) here:

Conclusive Summary

1. The whole research activity was performed in a secured sandbox environment where the WhatsApp application was not installed. If any user opens the link from a device like smartphones where the WhatsApp application is installed, the sharing features on the site will open the Whatsapp application on the device to share the link.

2. The campaign collects browser and system information from the users.

3. Most of the domain names associated with the campaign have the registrant country as China.

4. Cybercriminals used Cloudflare technologies to mask the real IP addresses of the front-end domain names used in this Maruti Suzuki 40th Anniversary Celebration free gift campaign. But during the phases of investigation, the research team has identified a domain name that was requested in the background and has been traced as belonging to China.

CyberPeace Advisory

1. CyberPeace Foundation and Autobot Infosec recommend that people should avoid opening such messages sent via social platforms.

2. If at all, the user gets into this trap, it could lead to whole system compromise such as access to the microphone, Camera, Text Messages, Contacts, Pictures, Videos, Banking Applications, etc as well as financial losses.

3. Do not share confidential details like login credentials, banking information with such a type of scam.

4. Do not share or forward fake messages containing links without proper verification.

5. There is a need for International Cyber Cooperation between countries to bust the cybercriminal gangs running the fraud campaigns affecting individuals and organizations, to make Cyberspace resilient and peaceful.

Source: https://www.business-standard.com//content/press-releases-ani/cyber-criminals-target-internet-users-with-maruti-suzuki-40th-anniversary-celebration-free-gift-scam-121083101204_1.html

Introduction

CyberPeace Chronicles is a one-stop for the latest edition of news, updates, and findings in global cyberspace. As we step into the cyberage, it is pertinent that we need to incorporate cybersecurity practices in our day-to-day activities. From laptops to automated homes and cars, we are all surrounded by technology in some form or another. Thus, with the increased dependency, we need to eradicate the scope of vulnerabilities and threats around us and create robust and sustainable safety mechanisms for us and future generations. 

‍

What, When and How? 

• WIN-RAR Update: CVE-2023-33831, a serious vulnerability, was identified in WinRAR versions prior to 6.23 in April 2023. When users attempted to access seemingly harmless files inside ZIP archives, this vulnerability allowed attackers to run arbitrary code. Cybercriminals transmitted malware families like DarkMe, GuLoader, and Remcos RAT by taking advantage of this vulnerability. It is essential to update WinRAR to version 6.23 or later in order to protect your computer and your data. Follow the following steps to secure your device -

• Checking Your Current WinRAR Version
• Downloading the Latest WinRAR Version
• Installing the Updated WinRAR
• Completing the Installation
• Verifying the Update 
• Cleaning Up 

• Indonesian Hacker Groups Target Indian Digital Infrastructure: As India geared up to host the G20 delegation as part of the Leadership Summit, various reports pointed towards different forms and intensity-based cyber attacks on Indian organisations and digital infrastructure. Tech firms in India have been successful in tracing the origination of the attacks to be from Indonesia. It is believed that hacker groups backed by anti-India elements have been trying to target the digital resources of India. Organisations and central agencies like Computer Emergency Response Team (CERT-In), National Critical Information Infrastructure Protection Centre (NCIIPC), I4C (Indian Cybercrime Coordination Centre), Delhi Police, Intelligence Bureau (IB), Research and Analysis Wing (R&AW), National Investigation Agency (NIA) and Central Bureau of Investigation (CBI) have constantly been working in keeping the Digital interests of India safe and secure, and with the ongoing G20 summit, it is very pertinent to be mindful of potential threats prevailing to prepare counter tactics for the same. 
• CLOP Ransomware: The CL0P ransomware is thought to have initially surfaced in 2019 and was developed by a cybercriminal organisation that spoke Russian. The threat actor FIN11 (also known as TA505 and Snakefly), who is notorious for being financially driven, is frequently connected to the CL0P ransomware, which had its roots at the beginning of 2019. By utilising this technique, CL0P has targeted businesses utilising the "Accellion FTA" file transfer appliance's vulnerable version. Accordingly, it has been asserted that the following vulnerabilities have been used to access victim data and maybe switch to victim networks. Numerous well-publicized attacks carried out by CL0P have had an impact on organisations all across the world. Especially for Managed File Transfer (MFT) programmes, the CL0P performers are well known for their talent in developing zero-day vulnerabilities. The gang went after Accellion File Transfer Appliance (FTA) devices in both 2020 and 2021, then early in 2023, they went after Fortran/Linoma GoAnywhere MFT servers, and then later in June, they went after MOVEit transfer deployments. Up to 500 organisations are thought to have been harmed by this aggressive operation. Some of the ways to mitigate the risk are as follows: 

• Regular Software Updates: Updating programmes and systems helps prevent known security flaws that fraudsters frequently exploit.
• Employee Training: Employee training can significantly lower the likelihood of successful penetration by educating staff members about phishing scams and safe internet conduct.
• Network Segmentation: By separating networks and restricting lateral movement, a ransomware attack's potential effects can be reduced.
• Regular Data backups: Data backups can lessen the effects of encryption and deter payment by regularly backing up data and storing it offsite.
• Security solutions: Putting in place effective cybersecurity measures like firewalls, intrusion detection systems, and cutting-edge endpoint protection can greatly improve an organisation's defences.

• Increased scrutiny for SIM card vendors: As phishing and smishing scams are on the rise in India, the Telecom Regulatory Authority of India (TRAI) has repeatedly issued notifications and consultation papers to address this growing concern. Earlier this year, TRAI notified that promotional calling will not be continued from 10-digit personal numbers. Instead, companies will now have to take authorised 9-digit numbers for promotional calls and SMSs. Similarly, to increase the efficiency of the same, TRAI has laid down that all the SIM card vendors will now have to be verified again, and any discrepancy found against any of the vendors will lead to blacklisting and penal actions against the vendor. 

‍

Conclusion

In conclusion, the digital landscape in 2023 is rife with both opportunities and challenges. The recent discovery of a critical vulnerability in WinRAR underscores the importance of regularly updating software to protect against malicious attacks. It is imperative for users to follow the provided steps to secure their devices and safeguard their data. Furthermore, the cyber threat landscape continues to evolve, with Indonesian hacker groups targeting Indian digital infrastructure, particularly during significant events like the G20 summit. Indian organisations and cybersecurity agencies are working diligently to defend against these threats and ensure the security of digital assets. The emergence of ransomware attacks, exemplified by the CL0P ransomware, serves as a stark reminder of the need for robust cybersecurity measures. Regular software updates, employee training, network segmentation, data backups, and advanced security solutions are crucial components of a comprehensive defence strategy against ransomware and other cyber threats. Additionally, the Telecom Regulatory Authority of India's efforts to enhance security in the telecommunications sector, such as stricter verification of SIM card vendors, demonstrate a proactive approach to addressing the rising threat of phishing and smishing scams. In this dynamic digital landscape, staying informed and implementing proactive cybersecurity measures is essential for individuals, organisations, and nations to protect their digital assets and maintain a secure online environment. Vigilance, collaboration, and ongoing adaptation are key to meeting the challenges posed by cyber threats in 2023 and beyond.

‍

Introduction 

India has always been celebrated as the land of abundance, once known as the ‘golden bird’ that attracted the world with its prosperity and wisdom. In the current century, as the world moves deeper into the age where every nation is redefining its strength through advancements in every sector, including technology, India is preparing for a powerful transformation. “Viksit Bharat 2047” is an initiative aimed at achieving  India's aspiration of becoming a developed nation by its centennial year of independence. India’s growth story is shifting as it takes a step towards development in every field and advances progress both in terms of generating economic growth and breakthroughs in technologies across industries. 

Today, when technology touches every aspect of our lives, ‘Cyber Security’ becomes a key area that will significantly drive progress and hold strong importance under the Viksit Bharat vision, especially with the rise of emerging technologies such as AI, quantum computing, cryptography, 5G & 6G, robotics and automation, Internet of Things (IoT), augmented reality (AR) & virtual reality (VR) etc. 

Key Initiatives Taken by the Centre

Indian Cyber Crime Coordination Centre: 

The Indian Cybercrime Coordination Centre (I4C) was established by the Ministry of Home Affairs (MHA) to provide a framework for law enforcement agencies (LEAs) to deal with cybercrime in a coordinated and comprehensive manner. I4C is actively working on initiatives to combat emerging threats in cyberspace, and it has become a strong pillar of India’s cybersecurity and cybercrime prevention. The ‘National Cyber Crime Reporting Portal’, equipped with a 24x7 cybercrime helpline number 1930,  is one of the key components of the I4C.

Recently under I4C, key initiatives were launched to strengthen cybersecurity. The Cyber Fraud Mitigation Centre (CFMC) has been incorporated to bring together banks, financial institutions, telecom companies, Internet Service Providers, and law enforcement agencies on a single platform to tackle online financial crimes efficiently. The Cyber Commandos Program will establish a specialised wing of trained Cyber Commandos in states, Union Territories, and Central Police Organisations to counter rising cyber threats. The Samanvay platform, a web-based Joint Cybercrime Investigation Facility System, has been introduced as a one-stop data repository for cybercrime to foster data sharing and collaboration. The Suspect Registry Portal, connected to the National Cybercrime Reporting Portal (NCRP), has been designed to track cybercriminals and strengthen fraud risk management.

India’s AI Mission:-

The Indian Cabinet has approved a comprehensive national-level IndiaAI Mission. The mission aims to strengthen the Indian AI innovation ecosystem by democratizing computing access, improving data quality, developing indigenous AI capabilities, attracting top AI talent, enabling industry collaboration, providing startup risk capital, ensuring socially impactful AI projects, and bolstering ethical AI. Through India AI Mission, the government is facilitating the development of India’s own foundational models, including Large Language Models (LLMs) and problem-specific AI solutions tailored to Indian needs.

The mission is implemented by the 'IndiaAI' Independent Business Division (IBD) under the Digital India Corporation (DIC) and consists of several components, such as IndiaAI Compute Capacity, IndiaAI Innovation Centre (IAIC), IndiaAI Datasets Platform, IndiaAI Application Development Initiative, IndiaAI Future Skills, IndiaAI Startup Financing, and Safe & Trusted AI. The main objective is to create and nurture an ecosystem for India’s AI innovation. 

Startup India:-  

With more than 1.59 lakh startups recognised by the Department for Promotion of Industry and Internal Trade (DPIIT) as of January 15, 2025, India has firmly established itself as the third-largest startup ecosystem in the world. Startup India is a flagship initiative launched by the Government of India on 16th January 2016 to build a strong ecosystem for nurturing innovation and startups in the country, which will drive economic growth and generate large-scale employment opportunities.

Key Regulations:-

‍The Centre, in order to better regulate the cyber domain, has come up with significant regulations. To protect the personal data of citizens, the Digital Personal Data Protection Act, 2023 has been enacted. The Intermediary Guidelines 2021 lay down obligations on social media platforms and intermediaries to ensure accountability and user safety. The Telecommunications Act 2023 has also been enacted. Further, the Promotion and Regulation of Online Gaming Bill 2025, passed by Parliament on 21st August 2025, aims to address related concerns. In addition, Cert-In issues guidelines & advisories from time to time, in order to strengthen cybersecurity.

CyberPeace Outlook 

CyberPeace has been at the forefront in transforming policy, technology, and ethical growth in the cyber landscape through its key initiatives. In 2023, CyberPeace hosted the Global CyberPeace Summit in collaboration with Civil 20 and G20 India, with knowledge support from the United Service Institution of India and participation from MeitY, NCIIPC, CERT-In, Zoom, Meta, InMobi, ICANN, Internet Society, MANRS, APNIC, and leading universities, which helped shape critical global conversations on trust, safety, and collaboration in cyberspace. 

Viksit Bharat 2047 is more than just a vision for economic success; it is a pledge to create a nation that is technologically secure, resilient, and globally competitive.  In this journey, cybersecurity will be at the heart of India's digital reboot, securing its innovation, empowering its citizens, and ensuring its future.

References

• https://www.cyberpeace.org/resources/blogs/i4c-foundation-day-celebration-shri-amit-shah-launches-key-initiatives-to-tackle-cybercrime
• https://www.cyberpeace.org/resources/blogs/indiaai-mission
• https://bharatarticles.com/viksit-bharat-2047-vision-challenges-and-roadmap-to-a-developed-india/
• https://www.pib.gov.in/PressReleasePage.aspx?PRID=2012355‍
• https://www.pib.gov.in/PressReleasePage.aspx?PRID=2093125

‍