#FactCheck: Viral AI image shown as AI -171 caught fire after collision

Introduction

In a groundbreaking move, India's Reserve Bank has embarked on a transformative journey with its Central Bank Digital Currency (CBDC) project. As the world grapples with the evolving landscape of digital finance, the implications of India's CBDC initiative extend beyond its borders, potentially reshaping global payment systems. The Union Minister of State for Finance, Shri Pankaj Chaudhary, revealed that on October 7, 2022, the Reserve Bank of India released a proposal note on Central Bank Digital Currency (CBDC). Two pilot projects using blockchain-based technology are described in the concept note: Digital Rupee-Wholesale (e₹-W) and Digital Rupee-Retail (e₹-R). Launched on November 1, 2022, the bulk trading pilot aims to increase intermediary competitiveness, particularly in the resolution of trades in the secondary market involving sovereign debt. In parallel, on December 1, 2022, the retail banking pilot, known as e₹-R, got underway in a limited user group with eight banks taking part in stages.

The digital asset known as e₳-R is issued across financial institutions for Person-to-Person (P2P) and Person-to-Merchant (P2M) transactions. It is intended to serve as a virtual currency that represents legal money and exhibits characteristics similar to actual cash. Based on input gathered during the continuing trial phases, the RBI intends to progressively broaden the pilot project's scope.

Central Bank Digital Currency Pilot Projects

Central Bank Digital Currency (CBDC), which the Central Bank of India is promoting, may easily perform an essential part in payments made across borders, according to Reserve Bank Governor Shaktikanta Das. The CBDC is going to be expanded to the international financial markets after being implemented as a trial in both the retail and wholesale industries.

CBDC in International Payments

He emphasized that although physical currency will still exist, the CBDC will eventually replace all forms of money worldwide.  

"CBDC is going to be the future currency of the world and it is necessary that every central bank, every country works on CBDC," he stated. He also stated that as worldwide commerce moves more and more around science and technology, CBDCs will play a significant role since they can effectively and affordably speed up payment processing across different countries. Regarding India's foreign exchange reserves, the governor stated that the selection to increase the resources as a safety net and protection versus contagion possibilities was made consciously.

CBDCs' Place in the Transnational Economic Revolution

In certain economies worldwide, having a CBDC internationally accessible could lead to more replacements for foreign currencies rather than the home currencies, which could cause financial aggregates to become volatile and change the mix of instruments of exchange.

CBDC may have benefits related to first-mover savings of scale, and other consequences even in everyday circumstances. If nations with global currencies have established CBDCs, they could strengthen current advantages and disadvantages, including consequences, particularly in terms of revenue. In a similar vein, CBDC might alter the structure of international liquidity while safeguarding asset supply. Additionally, and particularly if imposed abruptly, CBDC may, in certain circumstances, result in significant capital movements and associated repercussions on the foreign exchange rate as well as additional asset prices. Furthermore, nations may encounter difficulties in getting ready for virtual currencies issued by central banks.

The worldwide and international scope of CBDCs accessible to immigrants may become particularly apparent in situations where there is a widespread flight safety concern. In these circumstances, converting a CBDC into a foreign currency would make it possible for capital markets to deleverage more quickly. The elimination of debt challenges could show up as tight finance constraints and abrupt swings in foreign exchange markets if CBDCS expedited its flight from uncertainty.

Deposits of Foreign Exchange and Self-Dependency

Reserve Bank Governor Shaktikanta Das stated "We must rely on ourselves. We must maintain our robust reserves. In order to achieve that goal, we have been amassing quite substantial reserves, and the outside world has come to feel quite confident that India would be able to fulfil its contractual responsibilities to the international community no matter what the obstacles," 

Involvement of RBI in the Currency Market

Given that the trading community was confident that the Reserve Bank of India would be capable of and able to fulfil its contractual responsibilities, the value of the Indian rupee did not decline as dramatically. The RBI governor stated that the RBI does participate in the economy, but that "our engagement operates in two ways," he would not hesitate to acknowledge this.

The Value of Macroeconomic and Budgetary Cooperation

According to RBI Governor Das, the RBI makes purchases and sales of dollars based on the direction in which the financial sector is trending. However, the RBI does not intend to set a certain level for the rupee because it does not consider any specific threshold for the Indian rupee's conversion rate against the US dollar. He also emphasized how crucial it is for both the financial and monetary authorities to work together.

Conclusion

India's CBDC project signals a transformative shift in the global digital finance landscape. Governor Shaktikanta Das envisions CBDCs as the future global currency, emphasizing their role in international payments. The potential impact on financial systems, cross-border transactions, and the need for self-reliance underscore the significance of India's CBDC initiative in shaping the evolving dynamics of the digital economy. As the project progresses, close cooperation between financial and monetary authorities becomes imperative for navigating the challenges and opportunities associated with this groundbreaking venture.

References

• https://economictimes.indiatimes.com/news/economy/policy/central-bank-digital-currency-can-play-important-role-in-cross-border-payment-rbi-guv/articleshow/104706717.cms
• https://www.bis.org/cpmi/publ/d174.pdf
• https://bfsi.economictimes.indiatimes.com/news/fintech/explained-how-rbi-is-leveraging-upi-to-push-the-use-of-retail-cbdc/103591989
• https://www.imf.org/en/News/Articles/2022/02/09/sp020922-the-future-of-money-gearing-up-for-central-bank-digital-currency
• https://www.business-standard.com/economy/news/cbdc-pilot-projects-show-promising-results-rbi-governor-shaktikanta-das-123102601171_1.html

Executive Summary:

Recently, CyberPeace faced a case involving a fraudulent Android application imitating the Punjab National Bank (PNB). The victim was tricked into downloading an APK file named "PNB.apk" via WhatsApp. After the victim installed the apk file, it resulted in unauthorized multiple transactions on multiple credit cards.

Case Study: The Attack: Social Engineering Meets Malware

The incident started when the victim clicked on a Facebook ad for a PNB credit card. After submitting basic personal information, the victim receives a WhatsApp call from a profile displaying the PNB logo. The attacker, posing as a bank representative, fakes the benefits and features of the Credit Card and convinces the victim to install an application named PNB.apk.  The so called bank representative sent the app through WhatsApp, claiming it would expedite the credit card application. The application was installed in the mobile device as a customer care application. It asks for permissions such as  to send or view SMS messages. The application opens only if the user provides this permission. 

‍

It extracts the credit card details from the user such as Full Name, Mobile Number, complain, on further pages irrespective of  Refund, Pay or Other. On further processing, it asks for other information such as credit card number, expiry date and cvv number. 

‍

Now the scammer has access to all the details of the credit card information, access to read or view the sms to intercept OTPs. 

The victim, thinking they were securely navigating the official PNB website, was unaware that the malware was granting the hacker remote access to their phone. This led to ₹4 lakhs worth of 11 unauthorized transactions across three credit cards.

The Investigation & Analysis:

Upon receiving the case through CyberPeace helpline, the CyberPeace Research Team acted swiftly to neutralize the threat and secure the victim’s device. Using a secure remote access tool, we gained control of the phone with the victim’s consent. Our first step was identifying and removing the malicious "PNB.apk" file, ensuring no residual malware was left behind. 

Next, we implemented crucial cyber hygiene practices:

1. Revoking unnecessary permissions – to prevent further unauthorized access.
2. Running antivirus scans – to detect any remaining threats.
3. Clearing sensitive data caches – to remove stored credentials and tokens.

The CyberPeace Helpline team assisted the victim to report the fraud to the National Cybercrime Portal and helpline (1930) and promptly blocked the compromised credit cards.

The technical analysis for the app was taken ahead and by using the md5 hash file id. This app was marked as malware in virustotal and it has all the permissions such as Send/Receive/Read SMS, System Alert Window.  

‍

In the similar way, we have found another application in the name of “Axis Bank” which is circulated through whatsapp which is having similar permission access and the details found in virus total are as follows:

‍

‍

‍

Recommendations:

This case study implies the increasingly sophisticated methods used by cybercriminals, blending social engineering with advanced malware. Key lessons include:

• Be vigilant when downloading the applications, even if they appear to be from legitimate sources. It is advised to install any application after checking through an application store and not through any social media. 
• Always review app permissions before granting access.
• Verify the identity of anyone claiming to represent financial institutions.
• Use remote access tools responsibly for effective intervention during a cyber incident.

By acting quickly and following the proper protocols, we successfully secured the victim’s device and prevented further financial loss.

‍

Executive Summary:

CVE 2024-3094 is a backdoor vulnerability recently found in Kali Linux installations that happened between March 26th to 29th. This vulnerability was found in XZ package version 5.6.0 to 5.6.1. It could allow the malicious actor to compromise SSHD authentication, and grant unauthorized access to the entire system remotely. The users who have installed or updated Kali Linux during the said time are advised to update their system to safeguard against this vulnerability. 

The Dangerous Backdoor

The use of the malicious implant found in XZ Utils as a remote code execution tool makes it more dangerous, because of its ability to compromise the affected systems. Initially, researchers believed the vulnerability enabled an authentication bypass for the OpenSSH server (SSHD) process. However, further analysis revealed it is better characterized as a remote code execution (RCE) vulnerability.

The backdoor intercepts the RSA_public_decrypt function, verifies the host's signature using a fixed Ed448 key, and if successful, executes malicious code passed by the attacker via the system() function. This leaves no trace in SSHD logs and makes it difficult to detect the vulnerability. 

Impacted Linux Distributions

The compromised versions of XZ Utils have been found in the following Linux distributions released in March 2024:

• Kali Linux (between March 26 and March 29)
• openSUSE Tumbleweed and openSUSE MicroOS (March 7 to March 28)
• Fedora 41, Fedora Rawhide, and Fedora Linux 40 beta
• Debian (testing, unstable, and experimental distributions only)
• Arch Linux container images (February 29 to March 29)
• Meanwhile, distributions such as Red Hat Enterprise Linux (RHEL), SUSE Linux Enterprise, openSUSE Leap, and Debian Stable are not believed to be affected.

How Did This Happen?

The malicious code appears to have been inserted by taking advantage of a typical control transfer vulnerability. The original maintainer of the XZ Libs project on GitHub handed over control of the repository to an account that had been contributing to various data compression-related projects for several years. It was at this point that the backdoor was implanted in the project code.

Fortunately, the Potential Disaster Was Averted

As per Igor Kuznetsov, head of Kaspersky's Global Research and Analysis Team (GReAT), the vulnerability CVE-2024-3094 is considered as the largest scale attack that has happened in the Linux ecosystem history. Because it targeted the primary remote management tool for Linux servers on the internet which is  SSH servers.  

As this vulnerability was detected in the testing and rolling distributions in the short period of time, where the latest software packages are used. This results to the minimum damage to the linux users and so far no case of CVE-2024-3094 being actively exploited have been detected.

Staying Safe

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) advises that users who installed or updated the affected operating systems in March immediately roll back to XZ Utils 5.4.6 version and be on alert for any malicious activity. It is recommended to change the passwords in the case of a distribution where a weak version of XZ Utils has been installed. 

The Yara rule has been released to detect any infected systems by CVE-2024-3094 Vulnerability. 

Conclusion

The discovery of the XZ Utils backdoor provides a reminder to be vigilant in the open source software environment. This supply chain attack highlights the importance of strong security measures, elaborate code reviews, and regular distribution of security updates to provide shield against such vulnerabilities. Always staying informed and taking the necessary precautions, Linux users can mitigate the potential impact of this vulnerability to keep their systems safe.

References : 

• https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html 
• https://www.helpnetsecurity.com/2024/03/29/cve-2024-3094-linux-backdoor/ 
• https://www.kali.org/blog/about-the-xz-backdoor/ 
• https://www.kaspersky.com/blog/cve-2024-3094-vulnerability-backdoor/50873/ 
• https://www.rapid7.com/blog/post/2024/04/01/etr-backdoored-xz-utils-cve-2024-3094/ 

‍