#FactCheck - Deepfake Alert: Virat Kohli's Alleged Betting App Endorsement Exposed
Executive Summary
A viral video allegedly featuring cricketer Virat Kohli endorsing a betting app named ‘Aviator’ is being shared widely across the social platform. CyberPeace Research Team’s Investigations revealed that the same has been made using the deepfake technology. In the viral video, we found some potential anomalies that can be said to have been created using Synthetic Media, also no genuine celebrity endorsements for the app exist, we have also previously debunked such Deep Fake videos of cricketer Virat Kohli regarding the misuse of deep fake technology. The spread of such content underscores the need for social media platforms to implement robust measures to combat online scams and misinformation.

Claims:
The claim made is that a video circulating on social media depicts Indian cricketer Virat Kohli endorsing a betting app called "Aviator." The video features an Indian News channel named India TV, where the journalist reportedly endorses the betting app followed by Virat Kohli's experience with the betting app.

Fact Check:
Upon receiving the news, we thoroughly watched the video and found some featured anomalies that are usually found in regular deep fake videos such as the lip sync of the journalist is not proper, and if we see it carefully the lips do not match with the audio that we can hear in the Video. It’s the same case when Virat Kohli Speaks in the video.

We then divided the video into keyframes and reverse searched one of the frames from the Kohli’s part, we found a video similar to the one spread, where we could see Virat Kohli wearing the same brown jacket in that video, uploaded on his verified Instagram handle which is an ad promotion in collaboration with American Tourister.

After going through the entire video, it is evident that Virat Kohli is not endorsing any betting app, rather he is talking about an ad promotion collaborating with American Tourister.
We then did some keyword searches to see if India TV had published any news as claimed in the Viral Video, but we didn’t find any credible source.
Therefore, upon noticing the major anomalies in the video and doing further analysis found that the video was created using Synthetic Media, it's a fake and misleading one.
Conclusion:
The video of Virat Kohli promoting a betting app is fake and does not actually feature the celebrity endorsing the app. This brings up many concerns regarding how Artificial Intelligence is being used for fraudulent activities. Social media platforms need to take action against the spread of fake videos like these.
Claim: Video surfacing on social media shows Indian cricket star Virat Kohli promoting a betting application known as "Aviator."
Claimed on: Facebook
Fact Check: Fake & Misleading
Related Blogs

Introduction
The .com boom led to a massive surge in the expansion of digitised and automated operations in all industries and organisations, which in turn beagle a wholesome transition to the digital age for all netizens, organisations and industries. All the big techs in today’s time were startups or not even in existence back when this boom began, but just in 3-4 decades, we see that a massive faction of the global population is dependent directly or indirectly on big techs for some or the other services. As the world of tech expands, so does the big tech, and hence, in the previous decades, we have seen some acquisitions by big tech companies. The biggest acquisition by tech was last seen in 2023 when the social media giant Facebook (Now META) acquired the famous messaging platform Whatsapp for $13 Billion, but now, almost after a decade, the world is ready to witness the biggest acquisition as Adobe confirms its plans to acquire Figma the leading web-first collaborative design platform.
Adobe - Figma Acquisition
The illustrator developer Adobe has been the pioneer in developing designing tools since 1982. The founder of the company made a switch from the paper company Xerox, and hence, the operations and products of the company have been oriented towards paper and design. But as the company is already a pioneer in developing designing and editing tools, the impact of AI cannot be underestimated. Hence, this acquisition comes at a critical juncture in impacting the AI-driven product market.
Adobe wants to use digital experiences to transform the world. Adobe provides the tools and platforms that power the digital economy today, and over the course of its existence, its innovations have positively impacted billions of people worldwide. Adobe continues to invent and modify categories, having revolutionised photography and creative expression with Photoshop, pioneered electronic documents with PDF, and created the digital marketing category with Adobe Experience Cloud.
The goals of Figma are to facilitate visual teamwork and provide accessibility to design for all. The company, which was founded in 2012 by Dylan Field and Evan Wallace, was a pioneer in online product design. Thanks to multi-player workflows, advanced design systems, and a large, expandable developer environment, it is now enabling collaboration for anybody designing interactive mobile and online applications. Millions of fresh designers and developers, as well as a devoted student base, have been drawn to Figma.
By working together, Adobe and Figma will transform how people create and work, spur innovation on the web, improve product design, and uplift communities of creators, designers, and developers throughout the world. The combined business will have the capacity to create major value for clients, investors, and the industry, in addition to a sizable and rapidly expanding market potential.
Key Features of Acquisition
The most expensive acquisition this century has caught the attention of a lot of companies and regulatory authorities across the world. The key features of the deal are as follows:
- Reimagining the Future of Creativity and Productivity: The designing giant Adobe and Figma coming together will unlock new potential for creativity and productivity as both of the companies create tools which are widely used; hence, they understand the customer’s requirements and expectations, thus making a path for creativity and productivity in term of new services and applications.
- Accelerating Creativity on the Web: Adobe's Creative Cloud technologies will be delivered online more quickly thanks to Figma's web-based, multi-player features, which will increase productivity and accessibility to the creative process for more people. The current difficulty facing creators is producing an ever-increasing amount of material while working closely with an ever-increasing number of stakeholders. With its widespread use, the web is now a tool that facilitates collaborative creation in teams.
- Advancing Product Design: All parties involved in the product design process, including designers, product managers, and developers, will gain from the integration of Adobe's robust imaging, photography, illustration, video, 3D, and font technologies into the Figma platform. Because digital applications are integral to both our personal and professional lives, the product design sector is experiencing rapid expansion.
- Inspiring and empowering the designer and developer community: The company's ongoing innovation has been fueled by the dynamic creative community at Adobe. With its vast and expanding ecosystem, Figma boasts a fervent community that creates and shares everything from templates to plug-ins to lessons. By uniting the communities of Figma and Adobe, designers and developers will be able to harness the potential of collaborative design in the future. By 2025, Figma's addressable market will reach a total of $16.5 billion. With best-in-class net dollar retention of more than 150 percent, the company is predicted to add around $200 million in net new ARR this year, topping $400 million in total ARR by the end of 2022. Figma has established a productive, rapidly expanding company with operating cash flows that are positive and gross margins of over 90%.
Conclusion
The acquisition of the decade is going to be under heavy scrutiny and checks under various laws in different countries and is expected to be given the green light soon, this merger and acquisition case study will act as a precedent for such high-value acquisitions. Nearly 10 years ago, we saw the last biggest acquisition, where Meta acquired WhatsApp for $13 Bn. As the world of tech moves forward, we will be witnessing more of such M&As in the future, but in such moments, we should be cautious about how our data is handled and transferred by the other company, always make sure you keep a check on your digital rights and responsibilities, because ultimately we are the consumers of the cyberspace.
References
- https://news.adobe.com/news/news-details/2022/Adobe-to-Acquire-Figma/default.aspx
- https://www.theregister.com/2023/10/26/regulator_delays_adobes_20bn_buy/
- https://www.reuters.com/markets/deals/adobes-deal-acquire-figma-under-threat-eu-regulators-ft-2023-06-20/'

Introduction:
With improved capabilities and evasion strategies, the Vultur banking Trojan has reappeared and is a serious danger to Android users. The virus now employs numerous encrypted payloads, encrypted communication, and poses as legitimate apps. It is transmitted by trojanized dropper programs on the Google Play Store. Vultur targets victims via phone calls and SMS messages. With the help of this updated version of Vultur, attackers may take total control of compromised devices. They can perform a variety of remote control operations like install, remove, upload, and download files, halt the execution of programs, and circumvent the lock screen. The virus is now far more hazardous than it was previously because of its improved capacity to remotely access and manipulate machines.
Overview:
The Android banking malware Vultur is well-known for its ability to record screens. It was first identified by ThreatFabric in March 2021 and targets banking apps for remote control and keylogging.
The malicious apps were hosted on the Google Play Store by the Brunhilda dropper-framework, which was used for its distribution. Initial versions of the program used reputable remote access tools such as ngrok and AlphaVNC.
Hybrid attacks have been used in recent operations to disseminate the Brunhilda dropper via phone calls and SMS. The dropper uses a number of payloads to distribute an upgraded version of Vultur.
41 new Firebase Cloud Messaging (FCM) commands and seven new Command-and-Control (C2) methods are included in the most recent version of Vultur.
With the help of Android's Accessibility Services, these enhancements concentrate on remote access functionality that improves the malware's capacity to communicate with the victim's screen.
Modus operandi of Attack:
Hybrid Attack Method:
- Utilizes a phone call, two SMS messages, and trick users into installing malware.
- First SMS tricks victims into calling a certain number by claiming to have made significant, unlawful transactions, which gives the impression of urgency.
- Although there was no transaction in reality, the urgency motivates victims to act quickly.
Trozonized MacAfee App:
- The victims are told to install a trojanized version of the McAfee Security program from a given link during the phone call.
- This app looks harmless and has features similar to the original McAfee Security app, but it's actually the Brunhilda dropper.
- The victims are misled into assuming that the security software they are installing is authentic.
Execution of Vultur Payloads:
- Three payloads connected to Vultur are decrypted and executed via the Brunhilda dropper.
- Threat actors can carry out a variety of malicious operations, including keylogging and screen recording, on the victim's mobile device thanks to these payloads, which grant them total access over it.
- The infected device of the victim allows the threat actors to launch additional assaults or obtain private data.
Indication of the attack:
The symptoms of a Vultur banking Trojan infection include:
- Remote Access: This malware gives the hacker the ability to remotely use the infected device via clicking, scrolling, and swiping through Android's accessibility services.
- File Management: Through this, the malware is able to copy, share, remove, create, and locate files from devices it has infected.
- App Blocking: For instance; the malicious software can be programmed to stop the victims from opening a certain bunch of apps.
- Custom Notifications: Attackers can embed the malware with the functionality of displaying the customized notifications in the taskbar.
- Keyguard Disabling: The malware may be designed to turn off Screen Lock Guard feature so the lock screen security measure can be easily bypassed.
- Encrypted C2 Communication: The malware chooses AES data encryption, with Base64 text encoding to provide hidden traces for C2 communication.
- Payload Decryption: The malware uses native code, mostly written in C as well as C++, to decode the goods, thus, making a process of reversing more complicated.
- Spying on Financial Apps: The malware uses screen-streaming and keylogging as ways of acquiring facts about the victim’s mobile banking applications.
Indicator of Compromise:
File hash (SHA-256)
- edef007f1ca60fdf75a7d5c5ffe09f1fc3fb560153633ec18c5ddb46cc75ea21
- 89625cf2caed9028b41121c4589d9e35fa7981a2381aa293d4979b36cf5c8ff2
- 1fc81b03703d64339d1417a079720bf0480fece3d017c303d88d18c70c7aabc3
- 4fed4a42aadea8b3e937856318f9fbd056e2f46c19a6316df0660921dd5ba6c5
- 001fd4af41df8883957c515703e9b6b08e36fde3fd1d127b283ee75a32d575fc
- fc8c69bddd40a24d6d28fbf0c0d43a1a57067b19e6c3cc07e2664ef4879c221b
- 7337a79d832a57531b20b09c2fc17b4257a6d4e93fcaeb961eb7c6a95b071a06
- 7f1a344d8141e75c69a3c5cf61197f1d4b5038053fd777a68589ecdb29168e0c
- 26f9e19c2a82d2ed4d940c2ec535ff2aba8583ae3867502899a7790fe3628400
- 2a97ed20f1ae2ea5ef2b162d61279b2f9b68eba7cf27920e2a82a115fd68e31f
- c0f3cb3d837d39aa3abccada0b4ecdb840621a8539519c104b27e2a646d7d50d
- 92af567452ecd02e48a2ebc762a318ce526ab28e192e89407cac9df3c317e78d
- fa6111216966a98561a2af9e4ac97db036bcd551635be5b230995faad40b7607
- dc4f24f07d99e4e34d1f50de0535f88ea52cc62bfb520452bdd730b94d6d8c0e
- 627529bb010b98511cfa1ad1aaa08760b158f4733e2bbccfd54050838c7b7fa3
- f5ce27a49eaf59292f11af07851383e7d721a4d60019f3aceb8ca914259056af
- 5d86c9afd1d33e4affa9ba61225aded26ecaeb01755eeb861bb4db9bbb39191c
- 5724589c46f3e469dc9f048e1e2601b8d7d1bafcc54e3d9460bc0adeeada022d
- 7f1a344d8141e75c69a3c5cf61197f1d4b5038053fd777a68589ecdb29168e0c
- fd3b36455e58ba3531e8cce0326cce782723cc5d1cc0998b775e07e6c2622160
- 819044d01e8726a47fc5970efc80ceddea0ac9bf7c1c5d08b293f0ae571369a9
- 0f2f8adce0f1e1971cba5851e383846b68e5504679d916d7dad10133cc965851
- fb1e68ee3509993d0fe767b0372752d2fec8f5b0bf03d5c10a30b042a830ae1a
- d3dc4e22611ed20d700b6dd292ffddbc595c42453f18879f2ae4693a4d4d925a
- f4d7e9ec4eda034c29b8d73d479084658858f56e67909c2ffedf9223d7ca9bd2
- 7ca6989ccfb0ad0571aef7b263125410a5037976f41e17ee7c022097f827bd74
- c646c8e6a632e23a9c2e60590f012c7b5cb40340194cb0a597161676961b4de0
Command and Control Servers
- safetyfactor[.]online
- cloudmiracle[.]store
- flandria171[.]appspot[.]com (FCM)
- newyan-1e09d[.]appspot[.]com (FCM)
Droppers distribution URL’s
- mcafee[.]960232[.]com
- mcafee[.]353934[.]com
- mcafee[.]908713[.]com
- mcafee[.]784503[.]com
- mcafee[.]053105[.]com
- mcafee[.]092877[.]com
- mcafee[.]582630[.]com
- mcafee[.]581574[.]com
- mcafee[.]582342[.]com
- mcafee[.]593942[.]com
- mcafee[.]930204[.]com
Steps to be taken when your device is compromised?.
- Change the password: Vultur revealed multiple cases where threat actors can gain access to your financial and private information. To safeguard your account, reset passwords on other devices and create secure, unique passwords during the time. Instead of simply storing your password, a reputed password manager is the most secure way of storing information.
- Keep an eye on your transactions and accounts: It is advised that you regularly monitor your online accounts for any unusual or illegal activity. Keep a watch out for any irregularities, and report anything suspicious to the provider or authorities straight immediately.. Also check your credit reports and scores attentively to make sure that your identity or cards are not compromised.
- Make sure you are using identity theft protection: Many pieces of information about your identity are stored in an Android device. Cyber criminals can easily get hold of this data and make major damage to you, including stealing your money and identity. For your own protection, some of the identity theft protection services that monitor all your personal information and notify you on any unusual activity and, as well, helps you to freeze your accounts would be beneficial.
- Immediately get in touch with your banks and credit card companies: Your personal information such as credit card or bank details is of high risk to be exposed to hackers who could use them to make transactions without you knowing. You should inform your credit card and the lending bank about the situation as soon as possible. They would help you if your cards were used for fraudulent charges and your card be either frozen or canceled. Besides, they can get new cards issued.
- Make your contacts alert regarding the fraud you faced: Threat actors may access your social media or email accounts to send phishing messages or spam to people in your contact list, if they gain access to them. Moreover, they may masquerade as you and try to extort cash from you or disclose your personal information. Distributing a message to your contacts stating that they shouldn’t open or reply to any messages that look like they are not from you and look very strange or suspicious, will be a great idea.
- Make a backup and wipe all your device content in factory settings: You can always factory reset your device to ensure it is free of viruses and spyware. In other words, it will refresh Android and leave behind all your data and settings. Back up all the critical data prior to processing it and assure that everything is restored from a trustworthy source only.
Preventive measures to be taken:
- Avoid calling back to the hacker: If a hacker texts you claiming to have approved a sizable bank transaction, refrain from picking up the phone. You can always check by making a call to your own financial intuition. However, never pick up on an unknown number that someone else sends you.
- Avoid sideloading apps and shortened URLs: Try to avoid sideloading apps. That's the moment when you install apps from unofficial sources. Users may be tricked into downloading malware using short URLs.
- Be careful granting permissions: Be cautious when allowing permissions for apps. Think about whether an app really needs access to specific data or device functions.
- Limit the apps you have on your phone: On your phone, having plenty of apps might sometimes make it easier to become infected with malware. Over time, these apps may allow harmful code to enter your system, and the more programs you have to update and monitor, the greater the risk to your Android device. This is how to remove pointless apps from your Android device.
- Download apps from reputable sources: Additionally, make sure the programs you download are from reputable and authorized developers. Do your homework and read reviews before you install.
- Keep your Android device updated: With the help of software and security upgrades, your phone can automatically maintain security. Remember to install them.
- Have good antivirus software on all your devices: The best defense against malware on all of your devices is to install antivirus software. By blocking you from clicking on potentially dangerous links, antivirus software can keep malware off your devices and keep hackers from accessing your personal data.
Conclusion:
Vultur is a terrifying banking Trojan with a great deal of sophistication. It's unsettling that hackers can take complete control of your Android device, which emphasizes how crucial it is that you take precautions. It all starts with a text message in these attacks. You must take the time to independently contact your banking institution to check whether there are any issues. You may prevent having your entire device compromised and your personal information exposed by simply investing an additional few minutes.
Reference:
- https://research.nccgroup.com/2024/03/28/android-malware-vultur-expands-its-wingspan/
- https://www.threatfabric.com/blogs/vultur-v-for-vnc\
- https://www.tomsguide.com/computing/malware-adware/this-nasty-android-banking-trojan-lets-hackers-completely-hijack-your-phone-how-to-stay-safe
- https://thehackernews.com/2024/04/vultur-android-banking-trojan-returns.html?m=1
- https://www.smallbiztechnology.com/archive/2024/04/vultur-trojan-heightens-android-app-security-risks.html/
- https://securityaffairs.com/161320/malware/vultur-banking-trojan-android.html
- https://www.malwarebytes.com/blog/detections/android-trojan-spy-vultur
- https://www.scmagazine.com/brief/updated-vultur-android-banking-trojan-emerges
- https://innovatecybersecurity.com/security-threat-advisory/windows-server-updates-blamed-for-domain-controller-crashes-kb5035855-and-kb5035857/

Introduction
The two-day Apple’s Worldwide Developer Conference (WWDC) 2023, which was held on the 6th & 7th of June, has become an essential and highly anticipated part of our calendar as frequently as the trend. This year’s keynote announcements will include all of the usual enhancements for iOS, iPadOS, watchOS, macOS, and more. However, this year is also unique due to the unveiling of the Vision Pro headset, a brand-new Apple product.
In this blog, we will examine the exciting announcements made at Apple WWDC 2023, which was a ground-breaking event.
macOS Sonoma
macOS Sonoma, the new presentation of macOS disclosed at the WWDC full of exciting features. It comes with stunning video screensavers that show stunning scenes from all over the world. Gadgets can now be added genuinely to the work area and adjusted totally based on the client’s action. Also, it changes variety and blurring out of the spotlight while utilising applications. In addition, Death Stranding: Directors Cut for Mac announced that the Game Mode is added to make Macs more suitable for gaming. A presenter overlay enhances video presentations, and viewers can respond to them with interactive responses. Updated Safari is also included in the WebApp feature that turns frequently used websites into dedicated windows, a new Profile system for separating browsing history, and secure password sharing. Currently, the developer beta is available and the public beta will be available in July, and the final release is anticipated for the fall.
ios 16
Apple WWDC 2023 shows the following iOS, and iOS 16 replication, offering plenty of energising highlights for iPhone and iPad clients. Apple maintains its commitment to privacy with iOS 16, which introduces enhanced privacy settings that give users even more control over their data and online privacy. Users can also personalise their devices according to their preferences thanks to the new operating system’s refinement and customisable user interface.Improved multitasking capabilities like redesigned Files app and advanced note-taking features are just a few of the productivity enhancements included in the iOS 16. With iOS 16, Apple also improves its AR capabilities, allowing developers to develop even more immersive and interactive AR experiences.

WatchOS 9
Apple WWDC 2023 carried energising updates to the Apple Watch with the presentation of watchOS 9. The Apple Watch is an essential companion for sustaining a healthy lifestyle because the most recent version of the operating system includes cutting-edge health and fitness features. WatchOS 9 gives users unprecedented control over their health, offering personalised fitness recommendations and advanced sleep tracking.
Additionally, new watch faces were added, enhancing communication capabilities and improving app performance in watchOS 9, making the Apple Watch even easier to use daily.
ios 17
Rather than focusing on major features, Apple focused on quality-of-life enhancements when it announced iOS 17 at WWDC 2023. Live Voicemail with real-time transcripts of voicemails, personalised personal contact “posters,” and video voicemails for FaceTime are all part of the update. Search filters, a catch-up arrow, live location sharing, and a safety feature called Check-In are all available in Messages. AirDrop now supports NameDrop for transferring contact information; stickers have been expanded. The autocorrect and recording features on the keyboard have been improved for accuracy. Standby in the lock screen is an intelligent home display that shows the weather, upcoming appointments, and notifications. Siri works on Standby and adjusts itself for the night. The developer beta is currently available now, and a public beta will take place next month before the full release is in the fall.
Vision Pro VR Headset
Apple unveiled the Vision Pro AR headset, their first foray into virtual reality (VR), during the WWDC keynote. The Vision Pro is a virtual reality headset that competes with PlayStation VR2 and Meta Quest 3. This is in contrast to the long-awaited Apple smart glasses. Apple put a lot of effort into making a thin and light headset by using premium materials when needed. Voice, hand, and eye commands are all used to operate the Digital Crown-equipped device. The showcases offer extraordinary clarity, which is fueled by Apple’s M2 processor with a committed R1 chip. The Vision Pro combines virtual reality (VR) and augmented reality (AR), enabling users to interact with Apple apps and gain access to the company’s existing ecosystem. The expanded reality space created by the headset’s sensors and cameras allows users to place apps in real-world environments and adjust their level of concentration. Optic ID is a security and unlocking eye-tracking technology that is incorporated into the Vision Pro. It allows for a more immersive screen experience because it is compatible with Apple accessories like Magic Keyboard and Mac. At launch, the Vision Pro supports over a hundred Apple game galleries. Disney gave a hint that Apple and Disney might work together in the future by announcing support for the Vision Pro and making the Disney Plus app available immediately. The show highlighted the headset’s lightweight plan and recommended Apple clients wear it for extended periods. However, widespread adoption may be difficult due to the high price of $3,499 (₹289,093.01 approx). Apple is expected to release the Vision Pro for public use in 2024.

15-inch MacBook Air
At the WWDC event, Apple revealed a new MacBook Air with a larger 15-inch model instead of the standard 13-inch model. The 15-inch MacBook Air features a powerful Apple M2 processor, a thin, light, and long-lasting design, and a stunning 15.3-inch Retina display. It comes in four colours and has a headphone jack, two USB-C ports, and MagSafe charging. The display has six spatial speakers, a 1080p webcam, and 500 nits of brightness. Apple claims a battery life of up to 18 hours.
Conclusion
At Apple’s 2023 WWDC, the company demonstrated its commitment to developing technology that is user-friendly and accessible to all. Apple’s commitment to improving the user experience across all of its products is demonstrated in the updates to operating systems, improvements of Siri, breakthroughs in augmented reality, and enhancements to health and fitness.By making complex innovations more like-minded and easy to understand, Apple is enabling people to use the maximum capacity of their gadgets. Apple’s innovations at WWDC 2023 are expected to shape the future of technology, simplifying everyday tasks and revolutionising how we interact with the digital world.As we push ahead, it is exciting to guess what these advancements will proceed to develop and decidedly mean for our lives. The future holds even more incredible possibilities for all of us because of Apple’s focus on privacy, user-centric design, and pushing the boundaries of innovation. Thus, prepare to embrace a future where innovation flawlessly incorporates into our lives because of the endeavours displayed at Apple WWDC 2023.