Cybersecurity
Multi-State Cyber Syndicate With Suspected Chinese Links Discovered
New Delhi: Delhi Police have dismantled a multi-state cybercrime syndicate allegedly linked to foreign handlers operating from China. A key operative has been arrested, while others involved in the network remain on the police radar. Investigators say the gang used layered money-mule accounts, shell firms and cryptocurrency channels to defraud a senior citizen through a fake digital investment scheme.
Complaint Sparks Probe Into a Deep Investment Fraud Chain
The case began when a 61-year-old complainant approached the police after realising that the online investment opportunity he had put money into was fraudulent. Early checks by investigators showed that the victim’s funds had moved through multiple mule accounts and beneficiary layers, ultimately landing in the bank account of a shell private limited firm set up solely for laundering.
Two key individuals associated with this firm surfaced during the initial probe — Shivam Singh, a resident of Faizabad (Uttar Pradesh), and Lakshya, a Delhi-based operative. Lakshya had already been arrested on 19 November. During interrogation, he reportedly admitted that he was tasked with opening bank accounts, acquiring SIM cards, and procuring identity kits for the syndicate. In return, he received a fixed monthly payout for handing over account kits, SIM cards and KYC documents to the network’s handlers.
The arrest of another accused, Shubham, led to raids across various parts of Delhi–NCR. Police recovered a laptop, two mobile phones, five cheque books, six debit cards and several documents linked to digital transactions. During questioning, Shubham claimed that the racket operated with a “deep financial structure” involving shell companies, mule accounts, crypto wallets and offshore financiers directing the flow of funds.
Cryptocurrency Route Used to Move Money Abroad
According to police, the syndicate not only created bogus enterprises and mule accounts but also relied on USDT-based crypto wallets to obscure the trail of the stolen money. After passing through multiple domestic accounts, the proceeds were allegedly converted into stablecoin (USDT) and transferred to wallets controlled by foreign handlers.
This hybrid chain — mule accounts + shell firms + crypto conversion — allowed the gang to move money overseas within minutes, bypassing traditional financial monitoring systems. Investigators believe the cross-border movement of funds was orchestrated to evade compliance checks, tax scrutiny and tracing by law-enforcement agencies.
How the Network Operated — Shell Firms, SIM Identities and Virtual Wallets
Delhi Police say the group fabricated multiple shell companies using forged addresses and bogus incorporation details. These entities existed only on paper and were used to open current accounts through which large amounts of money were routed.
Mule bank accounts were created using low-cost identity kits purchased from individuals recruited through online groups and messaging apps. The syndicate also collected SIM cards, virtual mobile numbers and e-wallet credentials, creating a vast digital ecosystem through which fraudulent transactions could be executed without attracting immediate attention.
Several accounts examined by investigators showed little or no genuine business activity, yet had witnessed substantial credit inflows and rapid withdrawals — a pattern consistent with laundering operations.
During questioning, one accused admitted that he was paid a fixed monthly fee simply to provide bank accounts and digital IDs to the syndicate. Police say several victims attempted to trace their funds, but the use of high-velocity money-mule transfers, crypto wallets and foreign controllers made recovery difficult.
Arrests and Next Steps — Police Prepare to Extract the Network at Its Roots
So far, Lakshya and Shubham have been arrested. Investigators are now analysing banking logs, wallet trails and suspected foreign-linked transactions to identify more operatives. Officials say the crackdown is at an initial stage and several more arrests and disclosures are likely.
The Special Cell has issued an advisory urging citizens — particularly senior citizens — to avoid quick-profit investment schemes, crypto-based return promises or unsolicited online earning platforms, which remain hotspots for cyber fraud.
A Disturbing Pattern — International Cyber Gangs Expanding Networks in India
The case highlights emerging trends in cybercrime, where international linkages, shell corporations, mule accounts and crypto channels converge to create sophisticated fraud networks. The ability to rapidly transfer stolen funds abroad through decentralised digital assets poses a major challenge for law-enforcement agencies.
Police officials say intensified inter-state coordination and deeper forensic audits of bank accounts and crypto wallets will be critical in uprooting such multi-layered syndicates in the coming months.
Cybersecurity
AI-Powered Cyber Threats Put India’s Financial Sector Under Growing Pressure, Report Warns
New security assessment highlights deepfakes, identity attacks, supply-chain risks and weaknesses beyond traditional compliance systems
India’s banking, financial services and insurance (BFSI) sector is facing a rapidly changing cyber threat environment as attackers increasingly use artificial intelligence, deepfake technology, identity manipulation and advanced digital techniques to target financial systems.
A new Digital Threat Report 2025-26 developed by SISA, CERT-In and CSIRT-Fin warns that cyber risks are evolving faster than many organisations can strengthen their defences. The report highlights that modern attacks are no longer limited to stealing information but are increasingly focused on disrupting transactions, compromising trust and exploiting digital infrastructure.
The assessment notes that several cyber trends predicted in the previous edition of the report have already become widespread, showing that the time between emerging threats and real-world attacks is becoming significantly shorter.
Deepfakes and AI Increase Sophistication of Financial Fraud
Artificial intelligence has become a major factor behind the growth of sophisticated cyber fraud campaigns. The report identifies AI-driven impersonation, deepfake videos, automated phishing and advanced social engineering as key challenges for financial institutions.
Criminal groups are increasingly using realistic fake identities, manipulated communications and AI-generated content to deceive employees and customers. Traditional verification methods based only on visual or voice recognition are becoming less reliable as attackers improve their ability to imitate trusted individuals.
The report also highlights rising risks from business email compromise, credential theft and session hijacking. Attackers are using stolen access details and legitimate user sessions to bypass security measures instead of directly breaking authentication systems.
Cyber incidents affecting India’s BFSI sector are estimated to be significantly higher than the global average, with reported incidents increasing substantially in recent years. The report stresses that organisations must focus on analysing user behaviour, device activity and transaction patterns rather than relying only on passwords or authentication checks.
Identity Protection Becomes a Critical Security Challenge
Cybercriminals are increasingly targeting digital identities after successful login attempts. The report warns that attackers are focusing on session tokens, application programming interface (API) keys, service accounts and cloud-based permissions.
In these situations, security systems may not detect a traditional authentication failure because attackers are operating through valid sessions or stolen credentials. Financial institutions are therefore being urged to strengthen identity monitoring and continuously review access privileges.
The report recommends improved management of non-human identities, stronger credential protection and better visibility into digital activity across applications and cloud environments.
Compliance Alone Cannot Guarantee Cyber Resilience
The report highlights a growing gap between meeting regulatory requirements and achieving real-world cybersecurity readiness.
While compliance frameworks help organisations establish security standards, they may not always reveal weaknesses that appear during active attacks. The report identifies issues such as outdated security practices, incomplete monitoring and gaps between designed controls and their actual operation.
For example, encryption may protect stored information but may not secure data while it is being processed. Multi-factor authentication can confirm identity but may not stop attackers who have already gained access through stolen sessions.
The report advises financial organisations to treat compliance as a starting point rather than a complete security solution. Continuous testing, threat simulations, behavioural monitoring and regular security reviews are recommended to strengthen resilience.
Business Logic Attacks and Hidden Threats Expand Risk
Modern attackers are increasingly exploiting weaknesses in how financial systems operate rather than simply attacking technical vulnerabilities.
The report warns that payment systems, transaction limits and verification workflows can be manipulated through unusual sequences of legitimate actions. Attackers may abuse authorised functions in ways that developers never intended, making such activities difficult to detect.
It also highlights threats from fileless malware, encrypted communication channels and incomplete monitoring systems. These techniques can allow attackers to remain hidden while moving through networks or extracting sensitive information.
Report Calls for Continuous Cyber Defence Strategy
The assessment outlines several major security challenges expected to shape the future threat landscape, including AI-powered fraud, identity compromise, payment manipulation, supply-chain attacks and risks affecting critical financial infrastructure.
To address these challenges, the report recommends an 18-month security improvement roadmap focused on strengthening basic protections, expanding monitoring capabilities and redesigning security architecture.
The report concludes that cybersecurity must become an ongoing business priority for financial organisations. In an environment where cyberattacks can scale rapidly through automation and AI, periodic security checks are no longer enough. Continuous protection, testing and adaptation will be essential to maintaining trust and stability in the financial sector.
Cybersecurity
Dell BIOS Flaw Lets Hackers Recover Admin Passwords Within Seconds
Firmware vulnerability allows rapid password recovery on affected Dell devices, raising concerns over enterprise hardware security
A newly disclosed security vulnerability in the BIOS firmware of several Dell devices could allow attackers to recover administrator and user BIOS passwords within seconds, according to cybersecurity researchers.
The flaw, identified as CVE-2026-40639 and documented in Dell’s security advisory DSA-2026-197, is linked to an insecure password storage method inside certain firmware components. Rather than exploiting weak passwords, attackers can take advantage of how BIOS credentials are encrypted and stored.
Although exploitation generally requires physical access to the affected device or low-level system access, successful attacks could bypass important firmware security protections that help secure the boot process.
Faulty Encryption Method Exposed BIOS Credentials
Researchers found that some Dell systems stored BIOS passwords using a weak repeating-key XOR encryption method instead of a stronger cryptographic protection mechanism.
The affected passwords are stored in the Dell Variable (DVAR) section of the SPI flash memory, where firmware settings are maintained. According to researchers, weaknesses in the encryption design allow sensitive key information to be recovered from stored password data.
The problem is particularly serious for shorter passwords because unused storage space in the encrypted password field can reveal portions of the encryption key. This enables attackers to recover passwords directly instead of attempting traditional password-cracking methods.
Even longer passwords may remain vulnerable because the system’s key-generation process relies on limited device-specific information, reducing the complexity required for recovery.
Researchers Identify Affected Dell Platforms
The vulnerability was discovered by security researchers Craig S. Blackie of MDSec and Darren McDonald of AmberWolf during an investigation into Dell UEFI firmware.
Their analysis identified issues in the SystemPwSmm firmware component, which is used across multiple Dell client systems. Testing confirmed exposure on devices including:
- Dell Latitude E7250
- Dell Latitude 7490
- Dell XPS 15 9560
- Dell Wyse 5070 thin client
Researchers noted that newer Dell platforms using the Security Information Vault Block design with SHA-256-based protection were not affected during testing.
The difference highlights that Dell has already implemented stronger firmware security methods on newer hardware, although some older systems remain dependent on the vulnerable design.
Attack Requires Access, But Impact Could Be Significant
The vulnerability is not considered a remote attack because hackers typically need physical access to a device or the ability to obtain a firmware image from the system.
However, once attackers gain access, recovering BIOS passwords can reportedly be performed without user interaction or authentication. This creates risks for corporate laptops, shared devices and systems used in environments where physical security cannot always be guaranteed.
BIOS passwords often protect settings related to Secure Boot, boot order changes and other pre-operating system controls. If compromised, attackers could potentially weaken security protections or interfere with systems protected by disk encryption technologies.
Security experts warn that firmware-level weaknesses are particularly dangerous because they operate beneath the operating system and can affect multiple layers of device security.
Dell Releases Updates and Advises Security Measures
The vulnerability was privately reported to Dell in March 2026. After reviewing the findings, Dell published its security advisory and began releasing firmware updates for affected product lines.
Initial updates covered several platforms, including Precision systems, Rugged Latitude devices, Embedded PCs and Edge Gateway products. Additional fixes for other affected models were expected as part of Dell’s broader remediation effort.
Crime
Suratgarh Publisher Defrauded Of Lakhs Via Fake Bulk Book Orders
Suratgarh, Rajasthan: Police in Rajasthan’s Sri Ganganagar district have launched an investigation after a publishing distributor in Suratgarh was allegedly cheated of ₹9.5 lakh through a fraudulent bulk book order placed by individuals posing as representatives of educational institutions.
Investigators believe the suspects used forged documents, fake payment confirmations, and false corporate identities to obtain a large consignment of books without making any legitimate payment.
Fraudsters Used Fake Institutional Purchase Orders
According to the complaint, the accused approached the publisher claiming to be authorized procurement officials for reputed educational organizations. They allegedly submitted professional-looking purchase orders and maintained regular communication to gain the distributor’s confidence.
The suspects emphasized the urgency of the order, citing academic deadlines, and requested immediate dispatch of textbooks and reference materials. Trusting the authenticity of the documents and the buyer’s claimed credentials, the distributor released the consignment before receiving payment.
Fake Payment Proof Delayed Detection
To support the deception, the fraudsters allegedly shared fabricated bank transaction screenshots and counterfeit RTGS payment confirmations through messaging applications, creating the impression that the funds had already been transferred.
However, during a routine financial reconciliation, the publisher discovered that no payment had been credited to the company’s bank accounts.
Further inquiries revealed that the books had already been delivered and removed from the original destination. By the time the fraud was uncovered, the suspects had reportedly switched off their mobile phones, cut off communication, and shut down the fake digital platforms used during the transaction.
Police Probe Financial and Digital Evidence
Following the complaint, Suratgarh Police registered an FIR under relevant sections related to cheating, criminal breach of trust, and forgery involving electronic records.
Investigators are now examining digital evidence, including bank transaction records, mobile phone data, internet logs, and domain registration details, to identify those behind the fraud. Authorities are also working with telecom companies and financial institutions to trace the movement of the suspects and recover any possible evidence.
Businesses Urged to Strengthen Verification Procedures
The incident has prompted trade organizations and business associations to advise wholesalers and distributors to adopt stricter verification measures for high-value commercial transactions.
Industry experts recommend verifying buyer credentials directly with organizations, confirming receipt of funds through official banking channels rather than relying on payment screenshots, and avoiding the dispatch of goods until payments are fully credited.
Authorities say implementing stronger financial verification procedures can significantly reduce the risk of procurement fraud and protect businesses from similar scams in the future.
-
Business3 years agoPot Odor Does Not Justify Probable Cause for Vehicle Searches, Minnesota Court Affirms
-
Business3 years agoNew Mexico cannabis operator fined, loses license for alleged BioTrack fraud
-
Business3 years agoAlabama to make another attempt Dec. 1 to award medical cannabis licenses
-
Business3 years agoWashington State Pays Out $9.4 Million in Refunds Relating to Drug Convictions
-
Business3 years agoMarijuana companies suing US attorney general in federal prohibition challenge
-
Business3 years agoLegal Marijuana Handed A Nothing Burger From NY State
-
Business3 years agoCan Cannabis Help Seasonal Depression
-
Blogs3 years agoCannabis Art Is Flourishing On Etsy
