By Ashwani Mishra, Editor-Technology, 63SATS
Cyber threats remain a major concern, with one in three Indian internet users targeted in 2024, despite a 5% decline in cyber incidents. Meanwhile, a mobile malware campaign has compromised 50,000 Indian banking users, stealing sensitive credentials. In the U.S., a cyberattack on McKinney, Texas, exposed thousands of residents’ data, raising concerns over municipal cybersecurity.
Cybercriminals are also leveraging AI models like DeepSeek and Alibaba’s Qwen to enhance malware capabilities. The aviation sector is under fire, with cyberattacks on ACAO and ICAO, exposing aviation experts’ sensitive data. These developments highlight the growing need for stronger cybersecurity defenses worldwide.
Cyber Threats Decline in India, But Risks Remain
A Kaspersky report reveals one in three Indian internet users faced cyber threats in 2024, with 44.3 million attacks detected. While threats declined by 5% from 2023, India’s global cybersecurity ranking improved from 76th to 72nd.
Despite this progress, evolving cyber risks persist, and individuals and organizations are urged to strengthen security measures. In 2023, 33.6% of users were affected, compared to 28.8% in 2024, showing better awareness. India’s digital landscape is improving, but experts stress the need for continued cybersecurity vigilance to combat emerging threats.
Massive Android Malware Attack Hits Indian Banks
A sophisticated mobile banking malware campaign has compromised 50,000 users in India, stealing Aadhaar, PAN, and banking credentials. Researchers at zLabs analyzed 900 malware samples, revealing a Trojan masquerading as banking or government apps.
Distributed as APK files via WhatsApp, the malware intercepts SMS messages and forwards data using live phone numbers. Unlike traditional command-and-control methods, this approach allows attackers to bypass detection. zLabs has identified 1,000+ phone numbers linked to the campaign and has alerted authorities. Financial institutions are urged to enhance mobile security protocols to prevent further exploitation.
McKinney, Texas Data Breach Exposes Residents’ Personal Data
A cyberattack on McKinney, Texas, breached government systems on October 31, 2024, and exposed thousands of residents’ sensitive data. The attack, discovered two weeks later, remains unattributed, as officials refuse to confirm whether it was ransomware-related.
Following the breach, the FBI, Homeland Security, and Texas state authorities were notified. On December 30, investigations confirmed that personal and sensitive information was compromised. The city is now notifying affected residents while working on enhancing cybersecurity defenses. This breach highlights growing cyber threats targeting municipal networks and the urgent need for robust government cybersecurity measures.
Cybercriminals Exploit AI: DeepSeek & Alibaba LLMs Under Threat
Cybercriminals are actively experimenting with Chinese LLMs, particularly Alibaba’s Qwen and DeepSeek AI, to enhance malware capabilities, according to Check Point researchers.
While LLMs have primarily been used for phishing and scam operations, hackers are now testing them for malware development. OpenAI and other AI providers are investing in stronger development tools, increasing the likelihood of future AI-assisted cyber threats. Experts warn that as LLM-based malware development evolves, both businesses and cybercriminals will leverage these advancements, making AI-driven cyber threats inevitable in the coming years.
Cyberattack Targets Arab Civil Aviation Organization (ACAO)
A cyberattack on the Arab Civil Aviation Organization (ACAO) has compromised sensitive aviation records, raising concerns over cyberespionage in global aviation security. Cybersecurity firm Resecurity uncovered the breach, which exploited SQL injection vulnerabilities in ACAO’s web applications.
This attack follows a similar breach at the International Civil Aviation Organization (ICAO), where 12,000 individuals’ personal data was exposed. Cybercriminals appear to be targeting aviation regulators and safety specialists, likely for state-sponsored espionage. Security experts urge aviation organizations to enhance cybersecurity defenses to prevent future cyber threats against critical infrastructure.