#FactCheck - MS Dhoni Sculpture Falsely Portrayed as Chanakya 3D Recreation

Introduction:

This report examines ongoing phishing scams targeting "State Bank of India (SBI)" customers, India's biggest public bank using fake SelfKYC APKs to trick people. The image plays a part in a phishing plan to get users to download bogus APK files by claiming they need to update or confirm their "Know Your Customer (KYC)" info.

Fake Claim:

A picture making the rounds on social media comes with an APK file. It shows a phishing message that says the user's SBI YONO account will stop working because of their "Old PAN card." It then tells the user to install the "WBI APK" APK (Android Application Package) to check documents and keep their account open. This message is fake and aims to get people to download a harmful app.

Key Characteristics of the Scam:

• The messages "URGENTLY REQUIRED" and "Your account will be blocked today" show how scammers try to scare people into acting fast without thinking.
• PAN Card Reference: Crooks often use PAN card verification and KYC updates as a trick because these are normal for Indian bank customers.
• Risky APK Downloads: The message pushes people to get APK files, which can be dangerous. APKs from places other than the Google Play Store often have harmful software.
• Copying the Brand: The message looks a lot like SBI's real words and logos to seem legit.
• Shady Source: You can't find the APK they mention on Google Play or SBI's website, which means you should ignore the app right away.

Modus Operandi:

• Delivery Mechanism: Typically, users of messaging services like "WhatsApp," "SMS," or "email" receive identical messages with an APK link, which is how the scam is distributed.
• APK Installation: The phony APK frequently asks for a lot of rights once it is  installed, including access to "SMS," "contacts," "calls," and "banking apps."
• Data Theft: Once installed, the program may have the ability to steal card numbers, personal information, OTPs, and banking credentials.
• Remote Access: These APKs may occasionally allow cybercriminals to remotely take control of the victim's device in order to carry out fraudulent financial activities.

While the user installs the application on their device the following interface opens: 

‍

‍

It asks the user to allow the following:

• SMS is used to send and receive info from the bank.
• User details such as Username, Password, Mobile Number, and Captcha. 

Technical Findings of the Application:

Static Analysis:

• File Name: SBI SELF KYC_015850.apk
• Package Name: com.mark.dot.comsbione.krishn
• Scan Date: Sept. 25, 2024, 6:45 a.m.
• App Security Score: 52/100 (MEDIUM RISK)
• Grade: B

File Information:

• File Name: SBI SELF KYC_015850.apk
• Size: 2.88MB
• MD5: 55fdb5ff999656ddbfa0284d0707d9ef
• SHA1: 8821ee6475576beb86d271bc15882247f1e83630
• SHA256: 54bab6a7a0b111763c726e161aa8a6eb43d10b76bb1c19728ace50e5afa40448

App Information:

• App Name: SBl Bank
• Package Name:: com.mark.dot.comsbione.krishn
• Main Activity: com.mark.dot.comsbione.krishn.MainActivity
• Target SDK: 34
• Min SDK: 24
• Max SDK:
• Android Version Name:: 1.0
• Android Version Code:: 1

App Components:

• Activities: 8
• Services: 2
• Receivers: 2
• Providers: 1
• Exported Activities: 0
• Exported Services: 1
• Exported Receivers: 2
• Exported Providers:: 0

Certificate Information:

• Binary is signed
• v1 signature: False
• v2 signature: True
• v3 signature: False
• v4 signature: False
• X.509 Subject: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Signature Algorithm: rsassa_pkcs1v15
• Valid From: 20240904 07:38:35+00:00
• Valid To: 20490829 07:38:35+00:00
• Issuer: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Serial Number: 0x1
• Hash Algorithm: sha256
• md5: 4536ca31b69fb68a34c6440072fca8b5
• sha1: 6f8825341186f39cfb864ba0044c034efb7cb8f4
• sha256: 6bc865a3f1371978e512fa4545850826bc29fa1d79cdedf69723b1e44bf3e23f
• sha512:05254668e1c12a2455c3224ef49a585b599d00796fab91b6f94d0b85ab48ae4b14868dabf16aa609c3b6a4b7ac14c7c8f753111b4291c4f3efa49f4edf41123d
• PublicKey Algorithm: RSA
• Bit Size: 2048
• Fingerprint: a84f890d7dfbf1514fc69313bf99aa8a826bade3927236f447af63fbb18a8ea6
• Found 1 unique certificate

‍

App Permission 

‍

‍

1. Normal Permissions

• Access_network_state: Allows the App to View the Network Status of All Networks.
• Foreground_service: Enables Regular Apps to Use Foreground Services.
• Foreground_service_data_sync: Allows Data Synchronization With Foreground Services.
• Internet: Grants Full Internet Access.

2. Signature Permission:

• Broadcast_sms: Sends Sms Received Broadcasts. It Can Be Abused by Malicious Apps to Forge Incoming Sms Messages.

3. Dangerous Permissions:

• Read_phone_numbers: Grants Access to the Device’s Phone Number(S).
• Read_phone_state: Reads the Phone’s State and Identity, Including Phone Features and Data.
• Read_sms: Allows the App to Read Sms or Mms Messages Stored on the Device or Sim Card. Malicious Apps Could Use This to Read Confidential Messages.
• Receive_sms: Enables the App to Receive and Process Sms Messages. Malicious Apps Could Monitor or Delete Messages Without Showing Them to the User.
• Send_sms: Allows the App to Send Sms Messages. Malicious Apps Could Send Messages Without the User’s Confirmation, Potentially Leading to Financial Costs.

On further analysis on virustotal platform using md5 hash file, the following results were retrieved where there are 24 security vendors out of 68, marked this apk file as malicious and the graph represents the distribution of malicious file in the environment.

‍

‍

Key Takeaways:

• Normal Permissions: Generally Safe for Accessing Basic Functionalities (Network State, Internet).
• Signature Permissions: May Pose Risks When Misused, Especially Related to Sms Broadcasts.
• Dangerous Permissions: Provide Sensitive Data Access, Such as Phone Numbers and Device Identity, Which Can Be Exploited by Malicious Apps.
• The Dangerous Permissions Pose Risks Regarding the Reading, Receiving, and Sending of Sms, Which Can Lead to Privacy Breaches or Financial Consequences.

How to Identify the Scam:

• Official Statement: SBI never asks clients to download unauthorized APKs for upgrades related to KYC or other services. All formal correspondence takes place via the SBI YONO app, which may be found in reputable app shops.
• No Immediate Threats: Bank correspondence never employs menacing language or issues harsh deadlines, such as "your account will be blocked today."
• Email Domain and SMS Number: Verified email addresses or phone numbers are used for official SBI correspondence. Generic, unauthorized numbers or addresses are frequently used in scams.
• Links and APK Files: Steer clear of downloading APK files from unreliable sources at all times. For app downloads, visit the Apple App Store or Google Play Store instead.

CyberPeace Advisory:

• The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.
• Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.
• Even if you download the application from an authorised source, check the app's permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, it's best to avoid it.
• Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.
• Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.
• Do not share confidential details like credentials, banking information with such types of Phishing scams.
• Never share or forward fake messages containing links on any social platform without proper verification.

Conclusion:

Fake APK phishing scams target financial institutions more often. This report outlines safety steps for SBI customers and ways to spot and steer clear of these cons. Keep in mind that legitimate banks never ask you to get an APK from shady websites or threaten to close your account right away. To stay safe, use SBI's official YONO app on both systems and get apps from trusted places like Google Play or the Apple App Store. Check if the info is true before you do anything turn on 2FA for all your bank and money accounts, and tell SBI or your local cyber police about any scams you see.

‍

Introduction

Over-the-Top (OTT) streaming platforms have become a significant part of Indian entertainment consumption, offering users the ability to watch films, web series, and short-format videos directly online. These platforms operate on a subscription-based model, allowing for creative freedom, but they also lack clear accountability. On certain platforms, some content has been criticised for focusing on sensational or sexually explicit themes, particularly targeting young viewers seeking risqué entertainment. Such applications lack strong age verification mechanisms and offer ‘user access’ with minimal restrictions, which raises serious concerns about exposure to obscene content. This has triggered serious concerns among regulators, civil society organisations, advocacy and parental groups about the accessibility of such material and its potential influence, especially on minors.

Blocking order issued by the Ministry of Broadcasting and Information (MIB)

On 23rd July 2025, the Government of India, invoking powers under the Information Technology Act, 2000, and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, has issued a ‘blocking order’ against 25 OTT platforms. A total of 26 websites and 14 mobile applications of the said OTT platforms were on the list, including several prominent OTT platforms for alleged distribution of obscene, vulgar and pornographic content in some cases.  This regulatory action follows previous statutory advice and repeated warnings to the platforms in question, some of which continued to operate through new domains and disobeyed Indian laws and regulations. 

This action was taken by the Ministry of Broadcasting and Information (MIB) in consultation with Ministry of Home Affairs, Ministry of Women and Child Development, Ministry of Electronics and Information Technology, Department of Legal Affairs, industry bodies and experts in the field of women rights and child rights.

The list of OTT Platforms covered under the said ‘Blocking Order’

‍

The list includes - Big Shots App, Desiflix, Boomex, NeonX VIP, Navarasa Lite, Gulab App, Kangan App, Bull App, ShowHit, Jalva App, Wow Entertainment, Look Entertainment, Hitprime, Fugi, Feneo, ShowX, Sol Talkies, Adda TV, ALTT, HotX VIP, Hulchul App, MoodX, Triflicks, Ullu, and Mojflix. 

The government has explicitly directed Internet Service Providers (ISP’s) to disable or remove public access to these websites within India.

Recent Judicial and Centre’s Interventions

• To refresh the memory, last year in March 2024, the Ministry of I&B blocked 18 OTT Platforms for Obscene and Vulgar Content. 
• In April 2025, the Apex Court of India heard a petition on the prohibition of streaming of sexually explicit content on over-the-top (OTT) and social media platforms. In response to the petition, the Apex court stated, ‘It's not our domain, the centre has to take action and highlighted the need for executive action in the matter. The apex court has also issued notice to the Centre, OTT platforms, as well as social media platforms in response to a petition seeking a ban on sexually explicit content. (Uday Mahurkar & Ors. v. Union of India & Ors. [WP(C) 313/2025])
• The following recent blocking order dated 23rd July 2025 by the Ministry of I&B is a welcome and commendable step that reflects the government’s firm stance against illicit content on OTT platforms. Kangana Ranaut, Actress and politician, while speaking to a news agency, has appreciated the government's move to ban OTT platforms such as Ullu, ALTT, and Desiflix for showing soft porn content.

Conclusion

The centre’s intervention sends a clear message that OTT platforms cannot remain exempt from accountability. The move is a response to the growing concern of harms caused by unregulated digital content and non-compliances by the platforms, particularly in relation to illicit material, and broader violations of decency laws in India. However, the enforcement must now go beyond issuing orders and require a robust measurable compliance framework for OTT platforms. 

In today’s fast-paced era, when subscription-based content platforms place vast libraries at users' fingertips, the government's action is necessary and proportionate, marking a decisive step toward safer digital and healthy regulated environments.

References

• https://www.newsonair.gov.in/govt-bans-25-ott-websites-apps-over-vulgar-and-pornographic-content/
• https://timesofindia.indiatimes.com/technology/tech-news/big-shots-ullu-altt-desiflix-mojflix-and-20-other-ott-apps-banned-what-governments-ban-order-says/articleshow/122918803.cms
• https://www.ndtv.com/india-news/centre-bans-ott-platforms-ullu-altt-desiflix-for-obscene-content-8947100
• https://foxmandal.in/News/sc-takes-note-of-obscenity-plea-issues-notice-to-ott-platforms/
• https://www.morungexpress.com/kangana-ranaut-calls-banning-ott-platforms-for-soft-porn-content-a-much-appreciated-move
• https://www.livemint.com/news/india/do-something-supreme-court-to-centre-ott-platforms-on-obscene-content-pil-netflix-amazon-prime-ullu-altt-x-facebook-11745823594972.html

‍

Introduction 

Digitalization in India has been a transformative force, India is also marked as the second country in the world in terms of active internet users. With this adoption of digitalization and technology, the country is becoming a digitally empowered society and knowledge-based economy. However, the number of cyber crimes in the country has also seen a massive spike recently with the sophisticated cyber attacks and manipulative techniques being used by cybercriminals to lure innocent individuals and businesses. 

As per recent reports, over 740,000 cybercrime cases were reported to the I4C, in the first four months of 2024, which raises serious concern on the growing nature of cyber crimes in the country. Recently Prime Minister Modi in his Mann Ki Baat address, cautioned the public about a particular rising cyber scam known as ‘digital arrest’ and highlighted the seriousness of the issue and urged people to be aware and alert about such scams to counter them. The government has been keen on making efforts to reduce and combat cyber crimes by introducing new measures and strengthening the regulatory landscape governing cyberspace in India.

Indian Cyber Crime Coordination Centre  

Indian Cybercrime Coordination Centre (I4C) was established by the Ministry of Home Affairs  (MHA) to provide a framework and eco-system for law enforcement agencies (LEAs) to deal with cybercrime in a coordinated and comprehensive manner. I4C handles the ‘National Cyber Crime Reporting Portal’ (https://cybercrime.gov.in) and the 1930 Cyber Crime Helpline. Recently at the Indian Cyber Crime Coordination Centre (I4C) Foundation Day celebration, Union Home Minister Amit Shah launched the Cyber Fraud Mitigation Centre (CFMC), Samanvay platform (Joint Cybercrime Investigation Facilitation System), 'Cyber Commandos' program and Online Suspect Registry as efforts to combat the cyber crimes, establish cyber resilence and awareness and strengthening capabilities of law enforcement agencies.

Regulatory landscape Governing Cyber Crimes 

Information Technology Act, 2000 (IT Act) and the rules made therein, the Intermediary Guidelines, Digital Personal Data Protection Act, 2023 and Bhartiya Nyay Sanhita, 2023 are the major legislation in India governing Cyber Laws.  

CyberPeace Recommendations

There has been an alarming uptick in cybercrimes in the country highlighting the need for proactive approaches to counter these emerging threats. The government should prioritise its efforts by introducing robust policies and technical measures to reduce cybercrime in the country. The law enforcement agencies' capabilities must be strengthened with advanced technologies to deal with cyber crimes especially considering the growing sophisticated nature of cyber crime tactics used by cyber criminals. 

The netizens must be aware of the manipulative tactics used by cyber criminals to target them. Social media companies must also implement robust measures on their respective platforms to counter and prevent cyber crimes. Coordinated approaches by all relevant authorities, including law enforcement, cybersecurity agencies, and regulatory bodies, along with increased awareness and proactive engagement by netizens, can significantly reduce cyber threats and online criminal activities. 

References

• https://www.statista.com/statistics/1499739/india-cyber-crime-cases-reported-to-i4c/#:~:text=Cyber%20crime%20cases%20registered%20by%20I4C%20India%202019%2D2024&text=Over%20740%2C000%20cases%20of%20cyber,related%20to%20online%20financial%20fraud
• https://www.deccanherald.com/india/parliament-panel-to-examine-probe-agencies-efforts-to-tackle-cyber-crime-illegal-immigration-3270314
• https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2003158

‍