By Ashwani Mishra, Editor-Technology, 63SATS
India’s suspect registry prevented six lakh fraudulent transactions, saving ₹1,800 crore by tracking 1.4 million cybercriminals. Meanwhile, North Korean hackers, including the Lazarus Group, stole $659 million in cryptocurrency, with Japan’s DMM Bitcoin suffering the largest hit.
Russia’s Roseltorg platform faced a cyberattack by pro-Ukraine hackers, disrupting state procurement operations. Globally, Microsoft 365 accounts were targeted by high-speed FastHTTP brute-force attacks, with a 10% success rate. The FBI removed the PlugX malware, linked to Chinese state hackers, from 4,200 infected computers. Finally, the UK proposed a ransomware payment ban across the public sector to deter attacks on critical infrastructure.
India’s Suspect Registry Saves ₹1,800 Crore in Three Months
The Indian Express reports, citing the Ministry of Home Affairs, that India’s online ‘suspect registry’ has prevented six lakh fraudulent transactions and saved ₹1,800 crore since its launch in September 2024.
Developed by the Indian Cyber Crime Coordination Centre (I4C), the registry compiles data on 1.4 million cybercriminals linked to financial fraud. It is accessible to state, UT, and central investigation agencies to combat cybercrime more effectively. Launched by Union Home Minister Amit Shah, this initiative builds on the National Cybercrime Reporting Portal (NCRP) and aims to safeguard critical financial assets.
North Korean Hackers Stole $659M in Crypto Heists in 2024
North Korean hackers stole $659 million in cryptocurrency last year, as revealed in a joint statement by the US, Japan, and South Korea. Key incidents include the $235 million hack on Indian exchange WazirX, attributed to the Lazarus Group, and Japan’s DMM Bitcoin loss of $308 million, which led to the platform’s closure.
This trend underscores North Korea’s reliance on cybercrime to bolster its economy, with Lazarus previously linked to major heists like the $625 million Axie Infinity breach in 2022.
Pro-Ukraine Hackers Target Russian Procurement Platform Roseltorg
Russia’s largest state procurement platform, Roseltorg, faced a significant cyberattack attributed to a pro-Ukraine group. Initially dismissed as “maintenance work,” Roseltorg later confirmed an attempt to destroy its data and infrastructure.
This platform facilitates contracts in defense, construction, and government projects. The attack, which disrupted electronic trading and procurement operations, highlights the rising trend of geopolitical cyber warfare targeting critical Russian infrastructure.
High-Speed Brute-Force Attacks on Microsoft 365 Using FastHTTP
Threat actors are employing the FastHTTP Go library to conduct high-speed brute-force attacks on Microsoft 365 accounts globally. Discovered by SpearTip, these attacks began on January 6, 2025, targeting the Azure Active Directory Graph API.
Researchers warn that these attacks successfully compromise accounts in 10% of cases, emphasizing the need for organizations to enforce stronger password policies and multi-factor authentication to protect sensitive data.
FBI Deletes Malware in 4,200 Computers in Major Cyber Operation
The FBI hacked 4,200 computers across the US as part of an operation to eliminate PlugX malware, used by Chinese state-backed hackers like Mustang Panda. PlugX has infected thousands of devices globally since 2012, allowing remote access and data theft.
The malware connects to a command-and-control server, enabling hackers to execute commands and extract sensitive information. The FBI identified 45,000 infected IPs in the US alone, demonstrating the scale of the threat.
UK Proposes Ransomware Payment Ban for Public Sector
The UK government has opened consultations on banning ransomware payments across the public sector, including hospitals, schools, and transport networks. This 12-week consultation, running until April 8, aims to deter financially motivated cybercriminals.
Proposals include mandatory incident reporting and a “ransomware payment prevention regime,” requiring non-public sector organizations to obtain government approval before paying ransoms. This initiative seeks to minimize financial losses and strengthen national cybersecurity.