Search This Blog

Showing posts with label CBI. Show all posts

CBI Booked Firms for Harvesting Data of 5.62 Lakh Indian Facebook Users

 

The Central Bureau of Investigation (CBI) has lodged a case regarding an unlawful collection of personal information of nearly 5.62 lakh Indian Facebook users and the use of information to manipulate elections in India. In regards, CBI has booked Cambridge Analytica, the UK's political consultancy company, and another UK- based firm Global Science Research Ltd. 

In a preliminary CBI inquiry in July 2018 following a complaint from the Electronics and Information Technology Ministry, investigative officials discovered that Aleksandr Kogan, the Founder-Director of the Global Research Limited (GSRL), created an app called ‘This Is Your Digital Life’, which was used to collect data of Facebook users under the tag "academic and research purposes", as stated in the policy of the digital platform. Further in a probe, it was revealed that approximately 335 Indians had downloaded this app, whereby data of their Facebook friends- nearly 5.62 lakh, had been allegedly harvested without their knowledge. 

During the early investigation, Cambridge Analytica and GSRL reported criminal offenses, and the department later booked all companies for criminal conspiracy and cyber-crime. The organization Cambridge Analytica was initially accused of harvesting details of Facebook users and then manipulating it to obtain success in America, more precisely, the elections for 2016, as well as the Donald Trump campaign. Cambridge Analytica first became the subject of scrutiny three years ago.

In response, Facebook replied, “Data of 5.62 lakh Indians users might have been illegally harvested." Cambridge Analytica on the other hand responded that ”they only received data of UK users from the Global Science Private Limited.” 

According to CBI, these two companies had approached Facebook. Facebook later in conversation with CBI, told that they did allow Global Science Research ltd with their application, but they illegally collected the data of 5.62 lakhs users and later shared it with Cambridge Analytica. The data stolen contains information of the users, page likes, their private data, personal messages, and chats. Reportedly, the stolen information was later used to influence elections in India. 

Out of the 335 app users contacted by the CBI, six replied and were subsequently investigated. They all claimed that the software fooled them and that they were not aware that their personal and friends' data had been improperly gathered, the FIR suggested, adding that all six said they would not have used the app if they had the slightest indication that their privacy would be violated. 

Both UK-based companies have been booked by CBI for criminal conspiracy and violation of the IT Acts.

The CBI Registers Case of Alleged Hacking AndUnauthorised Online Transactions Involving $1.41 Million.


The Central Bureau of Investigation (CBI) on Monday registered a case against an on-site resource of Yalamanchili Software operations team, which provides the prepaid card application.

The accused, Sandeep Kumar Poojary is culpable of hacking a foreign travel card database and 374 unauthorised online transactions involving $1.41 million through three prepaid cards issued by the State Bank of India (SBI).

There are as yet many suspected to be involved with this case registered under various provisions of the IPC and the IT Act.

“Manpower resources for handling the system operations were also provided by Yalamanchili Software...”said SBI, in its complaints.

The wakeup call actually came up a year ago in February, when Yalamanchili software's COO reported the incidence to the bank, expressing that the balance in the prepaid card system had been modified deceitfully for authorisation of three foreign travel cards having a place with a solitary client.

The authorisation was said to have occurred over online business sites (e-commerce websites) of four shippers predominantly: Neteller.com, Entropay, Swiftvoucher and Skrill.com and these exchanges were carried out from November 8, 2016 to February 12, 2017.

The bank's NRI Seawoods branch in Navi Mumbai issued the primary card on November 7, 2016. Two more add-ons were issued to the user on November 29 and December 7, 2016, by the same branch.

As indicated by the FIR, the merchant transactions came by the means of VISA with the nation code as Great Britain, and the transaction and billing currency as U.S. dollars.

While the exchanges occurred on the prepaid card system, the balance seemed to have been modified manually by means of the Oracle Database access; the Yalamanchili Software Exports told the bank. Post authorisation the settlement transactions and authorisation alongside the general ledger entry was deleted.

The balance sheet generated on the prepaid card system therefore, did not display any difference.
 Additionally the bank added that after the swindling was identified, SBI managed successfully to block the three cards, banish the users from transacting on the four merchant sites, and abrogated the privilege of application user for executing database package.

Tatkal Ticket Scam Uncovered, CBI Official Arrested

Ajay Garg, an assistant programmer at the Central Bureau of Investigation (CBI), has been arrested by his own agency for developing a software that exploits the vulnerabilities of the IRCTC railway ticketing system to book over 1000 Tatkal tickets at a time.

Ajay joined CBI in 2012 and had been working with IRCTC previously for five years (2007-2011).

Rather than reporting the vulnerabilities found by him, Garg instead used them for his own gain and amassed a huge wealth by making his software available to travel agents through his accomplice Anil Gupta, who can then easily book Tatkal tickets for clients for a fee using the software.

As seats are limited, by the time the users fill in their details, the Tatkal quota is already booked. So the users turn to travel agents who can book these tickets using the software. These tickets are genuine and the payments of the tickets go to the railways, according to officials.

However, in addition to the cost of the software, there is a charge on every ticket booked using the software, which is paid to Garg using a complex system of Indian and foreign servers, online masking, and cryptocurrencies like bitcoin.

“Use of such software is illegal as per rules and regulations of IRCTC and also under the Railways Act,” Abhishek Dayal, CBI spokesperson, said.

Garg and Gupta, along with 13 others including Garg’s family members and travel agents, have been arrested.

According to Dayal, the CBI has carried out searches at 14 locations in Delhi, Mumbai, and Jaunpur during which it recovered Rs 89.42 lakh in cash, gold jewellery valued at Rs 61.29 lakh, 15 laptops, 15 hard disks, 52 mobile phones, 24 SIM cards, 10 notebooks, 6 routers, 4 dongles, and 19 pen drives.

Both Garg and Gupta have been sent to a five-day CBI custody by a court.