🇮🇳 India - 40 Million Indian Female Phone Numbers Database Advertised on Underground Forum
A threat actor is advertising a database allegedly containing information on 40 million Indian female individuals. The dataset appears to be categorized and structured using demographic and marketing-related attributes.
According to the sample provided, the dataset allegedly contains:
* Full names
* Mobile phone numbers
* Email addresses
* City information
* State information
* Gender identifiers
* Industry or category classifications
* Geographic location data
* Consumer segmentation attributes
Potential Risks:
* Large-scale SMS phishing (smishing)
* Voice phishing (vishing) campaigns
* Targeted scam operations against women
* Harassment and stalking risks
* Marketing abuse and spam campaigns
* Identity profiling and enrichment
* Social engineering attacks using demographic data
Analyst Note: Unlike typical corporate breach advertisements, this dataset appears to be a mass consumer contact database. The inclusion of phone numbers, email addresses, location information, and gender-based categorization significantly increases its value for fraudsters conducting targeted phishing, financial scams, and social engineering operations at scale. The original source and legality of the data remain unverified.
#DDW #Intelligence #DarkWeb #India
🇮🇳 A threat actor on a cybercrime forum is claiming a large-scale breach affecting multiple Indian electricity DISCOMs and associated telecom/SMS infrastructure providers.
According to the post, the actor alleges compromise of several state electricity distribution entities including:
• MVVNL
• PVVNL
• DVVNL
• KESCO
• PuVVNL
The actor claims the exposed data includes:
• User PII
• Aadhaar and PAN numbers
• Phone numbers and email addresses
• Meter and billing records
• KYC information
• Transaction and consent records
• Admin credentials, JWT tokens, hashed passwords, and OTP databases
The post further alleges exposure of:
• MongoDB, Elasticsearch, PostgreSQL, and MySQL databases
• SMS gateway infrastructure
• Hardcoded API keys and OAuth tokens
• Docker registries and Grafana dashboards
• Telecom-related DLT infrastructure and production systems
At this time, the claims remain unverified, and there is no official confirmation regarding the authenticity or scope of the alleged compromise.
If confirmed, the incident could represent a significant exposure impacting both energy and telecom-related infrastructure, with risks including:
• Identity theft and financial fraud
• Credential abuse
• SMS interception or abuse
• Supply chain compromise
• Disruption targeting utility and communications systems
#DDW #Intelligence #India #CyberSecurity #DataBreach #CriticalInfrastructure #DarkWeb #InfoSec
#RTI reply
1. *Cross-voting in Rajya Sabha elections*
Kashmiris deserve to know the truth about the unprecedented cross-voting in the Rajya Sabha elections that helped @BJP4India win a seat despite lacking the required numbers.
2. *Breakdown of MLAs involved*
It is widely known that 8 MLAs voted in a manner that enabled the @BJP4India to secure the seat. The J&K Assembly has seven independent MLAs who are not required to show their votes to anyone.
- One of them is a minister.
- Three are @JKNC_ loyalists who contested as independents after their seats were allotted to @INCIndia as part of a seat-sharing pact in the 2024 Assembly polls.
The chances of these independents voting for @BJP4India are low. One of them admitted to the NC immediately after casting his vote that he had mistakenly voted for Shammi Oberoi instead of @ImranNDar.
Since the number of non-BJP MLAs who benefited the @BJP4India stands at eight, MLAs belonging to political parties are also under suspicion of cross-voting.
3. *Party-affiliated MLAs must show marked ballot papers to authorised agents*
MLAs affiliated with a political party have to show their marked ballot paper to the authorised agent appointed by their party, irrespective of whether it has fielded a candidate. If an MLA refuses to show the marked ballot paper to the authorised agent, it results in cancellation if the authorised agent asks the presiding officer to do so.
4. *RTI disclosure by J&K Assembly CPIO*
In response to my RTI application, the CPIO of the J&K Assembly revealed that only three parties - NC, BJP, and Congress - appointed authorised agents to verify whom their MLAs voted for.
5. *PDP did not appoint an authorised agent*
This makes it clear that the PDP, which has fielded candidates in every Rajya Sabha election since 2002 except 2025 and has sent three MPs to the House so far, did not appoint an authorised agent. This revelation demands an answer from @JKPDP. This brings the party's role under the scanner.
6. *Questions over Congress role*
The role of Congress is also questionable. Why did it appoint only one MLA as its authorised agent? This means its authorised agent, Nizamuddin Bhat, didn't show his vote to anyone. Why so? @INC needs to answer this.
🛡️ Cybersecurity Pop Quiz! 🛡️
What's often a sign of a phishing email? 🚨
A) Email from a trusted source
B) Urgent request for personal info
C) Proper grammar throughout
D) Personalized greeting
Comment your answer! #CyberSecurity #PhishingAlert
🚨 Another campaign with the Anatsa banking trojan has surfaced.
Kaspersky researchers found a malicious app on Google Play, downloaded 10K+ times before being removed, used to deliver the banking trojan. A user downloads a seemingly harmless PDF reader app, opens it and sees a prompt to update. If the ‘update’ button is hit, a banking trojan gets installed that would spy on the user to steal funds.
Both the dropper and the trojan itself are detected by Kaspersky, IOCs below:
Dropper:
5c9b09819b196970a867b1d459f9053da38a6a2721f21264324e0a8ffef01e20
C2: 23.251.108[.]10
Payload (Anatsa/TeaBot): c96b80bbdece972ff7ea7b5ef868b64e88a5ff880cda15f88b88a447515dc060
C2: 172.86.91[.]94