#FactCheck: A digitally altered video of actor Sebastian Stan shows him changing a ‘Tell Modi’ poster to one that reads ‘I Told Modi’ on a display panel.

Introduction

The Kumbh Mela is known worldwide as India's most significant pilgrimage and has earned a place on the UNESCO Intangible Cultural Heritage of Humanity list in 2017.  This year, the Maha Kumbh will be held in Prayagraj, Uttar Pradesh, with 40 crore devotees from all over the world expected to attend this momentous event from January 13th  to 26th February 2025. As the world embraces the blessings of digitalisation, people are increasingly relying on the Internet for arranging their travel, booking rooms, and securing accommodations for this grand spiritual journey. 

However, amidst this digital age, where the conveniences offered are manifold, there also lurks the shadow of deceit. Cybercriminals are finding innovative ways to entrap innocent individuals. Fraudulent activities are on the rise, with wrongdoers operating fake websites that promise secure bookings for cottages, tents, and other accommodations for the Mahakumbh event. Like the deceptive mirage that the desert traveller may mistakenly believe to be an oasis, these malicious sites lure pilgrims with the false hope of easy arrangements, only to exploit their trust and commit malicious cyber fraudulent activities. 

Policy and Preventive Measures Taken by Government

This year, the government has taken steps to utilise digitalisation services to enhance the experience of devotees, blending innovation with tradition. However, considering the rise in cyber scams, a dedicated cyber police station has also been established at Maha Kumbh 2025 to address threats such as the misuse of AI, the dark web, and social media platforms. This initiative aims to protect devotees from potential scams.

To strengthen safety measures, a special team of selected officers from across the state has been deployed in Mahakumbh Nagar, Prayagraj, to provide cybersecurity and ensure the safety of pilgrims. A dedicated cyber police station or digital police station will ensure round-the-clock monitoring of cyberspace.

‍

The cybersecurity team has already identified 44 suspicious websites and initiated action against them. To further safeguard devotees attending Maha Kumbh 2025, a large-scale awareness campaign is being conducted to educate users about potential cyber threats.

The Role of Digital Discipline in Navigating the Uncharted Waters of the Internet

As the Yajurveda (ancient Vedic scriptures of Hinduism) reminds us ‘सत्यं चानृतं च सत्यं अभवत्, यदेतत् तपसा तप्यताम्।’. This learning translates into English as "Truth and falsehood are both present, yet truth is purified through intense discipline”. The Mahakumbh is a confluence not just of rivers but of faith and humanity's eternal quest for truth (Satyam). In the digital age, this vigilance extends to protecting ourselves from cyber frauds and scams that exploit the sanctity of occasions like the Mahakumbh. Just as devotees seek purity through holy rituals, we must also embrace Digital Discipline to navigate the confluence of tradition and technology safely.

Here are some Digital Discipline best practices you must follow:

• Be cautious of fake websites, fraudulent travel agencies, and scam bookings. Always verify legitimacy before engaging in any  transactions.  
• Stay alert for fake donation requests and only contribute to verified organizations.
• Be aware of any mis/disinformation and implausible claims surrounding the Mahakumbh event and verify it from authenticated sources. The official website of Mahakumbh is https://kumbh.gov.in.
• To report any cybercrime or issue, you can report it on the National Cyber Crime Reporting Portal at https://cybercrime.gov.in/, equipped with a 24x7 helpline 1930 that serves as a powerful resource available to the victims of cybercrimes to report their cases.

Conclusion

Netizens worldwide must prioritise Digital Discipline to ensure they are safeguarded from the snares of these cyber miscreants, so that they may safely and joyfully embark on their journey to the Maha Kumbh and receive divine blessings and purity of purpose through the experience.

References

• https://www.deccanherald.com/india/uttar-pradesh/up-police-gets-on-its-toes-to-ensure-cyber-safe-maha-kumbh-3335911
• https://www.hindustantimes.com/cities/others/four-cyber-crooks-held-for-operating-fake-booking-websites-101735326388201.html
• https://www.indiatvnews.com/uttar-pradesh/maha-kumbh-2025-cyber-police-station-set-up-in-prayagraj-to-safeguard-devotees-from-online-frauds-in-city-preparation-security-other-details-2024-12-11-965745
• https://organiser.org/2024/12/12/268915/bharat/mahakumbh-2025-cyber-police-station-set-up-to-protect-devotees-from-ai-and-social-media-scammers/
• https://www.ptinews.com/story/national/maha-kumbh-56-cyber-warriors-deployed-to-safeguard-devotees-against-online-scams/2135062

According to Statista, the number of users in India's digital assets market is expected to reach 107.30m users by 2025 (Impacts of Inflation on Financial Markets, August 2023). India's digital asset market has been experiencing exponential growth fueled by the increased adoption of cryptocurrencies and blockchain technology. This furthers the need for its regulation. Digital assets include cryptocurrencies, NFTs, asset-backed tokens, and tokenised real estate. 

India has defined Digital Assets under Section 47(A) of the Income Tax Act, 1961. The Finance Act 2022-23 has added the word 'virtual' to make it “Virtual Digital Assets”. A “virtual digital asset” is any information or code, number, or token, created through cryptographic methods or otherwise, by any name, giving a digital representation of value exchanged with or without consideration. A VDA should contain an inherent value and represent a store of value or unit of account, functional in any financial transaction or investment. These can be stored,  transferred, or traded in electronic format. 

Digital Asset Governance: Update and Future Outlook

Indian regulators have been conservative in their approach towards digital assets, with the Reserve Bank of India first issuing directions against cryptocurrency transactions in 2018. This ban was removed by the Supreme Court through a court order in 2020. The presentation of the Cryptocurrency and Regulation of Official Digital Currency Bill of 2021 is a fairly important milestone in its attempts to lay down the framework for issuing an official digital currency by the Reserve Bank of India. While some digital assets seem to have potential, like the Central Bank Digital Currencies (CBDCs) and blockchain-based financial applications, a blanket prohibition has been enforced on private cryptocurrencies.

However, in more recent trends, the landscape is changing as the RBI's CBDC is to provide a state-backed digital alternative to cash under a more structured regulatory framework. This move seeks to balance state control with innovation on investor safety and compliance, expecting to reduce risk and enhance security for investors by enacting strict anti-money laundering and know-your-customer laws. Highlighting these developments is important to examine how global regulatory trends influence India's digital asset policies.

Impact of Global Development on India’s Approach 

Global regulatory developments have an impact on Indian policies on digital assets. The European Union's Markets in Crypto-assets (MiCA) is to introduce a comprehensive regulatory framework for cryptocurrencies that could act as an inspiration for India. MiCA regulation covers crypto-assets that are not currently regulated by existing financial services legislation. Its particular focus on consumer protection and market integrity resonates with India in terms of investigating needs related to digital assets, including fraud and price volatility. Additionally, evolving policies in the US, such as regulating crypto exchanges and classifying certain tokens as securities, could also form the basis for India's regulatory posture.

Collaboration on the international level is also a chief contributing factor. India’s regular participation in global forums like the G20, facilitates an opportunity to align its regulations on digital assets with other countries, tending toward an even more standardised and predictable framework for cross-border transactions. This can significantly help India given that the nation  has a huge diaspora providing a critical inflow of remuneration.

CyberPeace Outlook

Though digital assets offer many opportunities to India, challenges also exist. Cryptocurrency volatility affects investors, posing concerns over fraud and illicit dealings. A balance between the need for innovation and investor protection is paramount to avoid killing the growth of India's digital asset ecosystem with overly restrictive regulations.

Financial inclusion, efficient cross-border payments with low transaction costs, and the opening of investment opportunities are a few opportunities offered by digital assets. For example, the tokenisation of real estate throws open real estate investment to smaller investors. To strengthen the opportunities while addressing challenges, some policy reforms and new frameworks might prove beneficial. 

CyberPeace Policy Recommendations

• Establish a regulatory sandbox for startups working in the area of blockchain and digital assets. This would allow them to test innovative solutions in a controlled environment with regulatory oversight minimising risks.
• Clear guidelines for the taxation of digital assets should be provided as they will ensure transparency, reduce ambiguity for investors, and promote compliance with tax regulations. Specific guidelines can be drawn from the EU's MiCA regulation.  
• Workshops, online resources, and campaigns are some examples of initiatives aimed at improving consumer awareness about digital assets, benefits and associated risks that should be implemented. Partnerships with global fintech firms will provide a great opportunity  to learn best practices.

Conclusion

India is positioned at a critical juncture with respect to the debate on digital assets. The challenge which lies ahead is one of balancing innovation with effective regulation. The introduction of the Central Bank Digital Currency (CBDC) and the development of new policies signal a willingness on the part of the regulators to embrace the digital future. In contrast, issues like volatility, fraud, and regulatory compliance continue to pose hurdles. By drawing insights from global frameworks and strengthening ties through international forums, India can pave the way for a secure and dynamic digital asset ecosystem. Embracing strategic measures such as regulatory sandboxes and transparent tax guidelines will not only protect investors but also unlock the immense potential of digital assets, propelling India into a new era of financial innovation and inclusivity.

References

• https://www.weforum.org/agenda/2024/10/different-countries-navigating-uncertainty-digital-asset-regulation-election-year/ 
• https://www.acfcs.org/eu-passes-landmark-crypto-regulation 
• https://www.indiabudget.gov.in/budget2022-23/doc/Finance_Bill.pdf 
• https://www.weforum.org/agenda/2024/10/different-countries-navigating-uncertainty-digital-asset-regulation-election-year/
• https://www3.weforum.org/docs/WEF_Digital_Assets_Regulation_2024.pdf 

‍

Introduction

In the labyrinthine world of cybersecurity, a new spectre has emerged from the digital ether, casting a long shadow over the seemingly impregnable orchards of Apple's macOS. This phantom, known as SpectralBlur, is a backdoor so cunningly crafted that it remained shrouded in the obscurity of cyberspace, undetected by the vigilant eyes of antivirus software until its recent unmasking. The discovery of SpectralBlur is not just a tale of technological intrigue but a narrative that weaves together the threads of geopolitical manoeuvring, the relentless pursuit of digital supremacy, and the ever-evolving landscape of cyber warfare.

SpectralBlur, a term that conjures images of ghostly interference and elusive threats, is indeed a fitting moniker for this new macOS backdoor threat. Cybersecurity researchers have peeled back the layers of the digital onion to reveal a moderately capable backdoor that can upload and download files, execute shell commands, update its configuration, delete files, and enter states of hibernation or sleep, all at the behest of a remote command-and-control server. Greg Lesnewich, a security researcher whose name has become synonymous with the relentless pursuit of digital malefactors, has shed light on this new threat that overlaps with a known malware family attributed to the enigmatic North Korean threat actors.

SpectralBlur similar to Lazarus Group’s KANDYKORN

The malware shares its DNA with KANDYKORN, also known as SockRacket, an advanced implant that functions as a remote access trojan capable of taking control of a compromised host. It is a digital puppeteer, pulling the strings of infected systems with a malevolent grace. The KANDYKORN activity also intersects with another campaign orchestrated by the Lazarus sub-group known as BlueNoroff, or TA444, which culminates in the deployment of a backdoor referred to as RustBucket and a late-stage payload dubbed ObjCShellz.

Recently, the threat actor has been observed combining disparate pieces of these two infection chains, leveraging RustBucket droppers to deliver KANDYKORN. This latest finding is another sign that North Korean threat actors are increasingly setting their sights on macOS to infiltrate high-value targets, particularly those within the cryptocurrency and blockchain industries. 'TA444 keeps running fast and furious with these new macOS malware families,' Lesnewich remarked, painting a picture of a relentless adversary in the digital realm.

Patrick Wardle, a security researcher whose insights into the inner workings of SpectralBlur have further illuminated the threat landscape, noted that the Mach-O binary was uploaded to the VirusTotal malware scanning service in August 2023 from Colombia. The functional similarities between KANDYKORN and SpectralBlur have raised the possibility that they may have been built by different developers with the same requirements. What makes the malware stand out are its attempts to hinder analysis and evade detection while using grant to set up a pseudo-terminal and execute shell commands received from the C2 server.

The disclosure comes as 21 new malware families designed to target macOS systems, including ransomware, information stealers, remote access trojans, and nation-state-backed malware, were discovered in 2023, up from 13 identified in 2022. 'With the continued growth and popularity of macOS (especially in the enterprise!), 2024 will surely bring a bevvy of new macOS malware,' Wardle noted, his words a harbinger of the digital storms on the horizon.

Hackers are beefing up their efforts to go after the best MacBooks as security researchers have discovered a brand new macOS backdoor which appears to have ties to another recently identified Mac malware strain. As reported by Security Week, this new Mac malware has been dubbed SpectralBlur and although it was uploaded to VirusTotal back in August of last year, it remained undetected by the best antivirus software until it recently caught the attention of Proofpoint’s Greg Lesnewich.

Lesnewich explained that SpectralBlur has similar capabilities to other backdoors as it can upload and download files, delete files and hibernate or sleep when given commands from a hacker-controlled command-and-control (C2) server. What is surprising about this new Mac malware strain though is that it shares similarities to the KandyKorn macOS backdoor which was created by the infamous North Korean hacking group Lazarus.

Just like SpectralBlur, KandyKorn is designed to evade detection while providing the hackers behind it with the ability to monitor and control infected Macs. Although different, these two Mac malware strains appear to be built based on the same requirements. Once installed on a vulnerable Mac, SpectralBlur executes a function that allows it to decrypt and encrypt network traffic to help it avoid being detected. However, it can also erase files after opening them and then overwrite the data they contain with zeros..

How to keep your Apple computers safe from hackers

As with the best iPhones, keeping your Mac up to date is the easiest and most important way to keep it safe from hackers. Hackers often prey on users who haven’t updated their devices to the latest software as they can exploit unpatched vulnerabilities and security flaws.

Checking to see if you're running the latest macOS version is quite easy. Just click on the Apple Logo in the top right corner of your computer, head to System Preferences and then click on Software Update. If you need a bit more help, check out our guide on how to update a Mac for more detailed instructions with pictures.

Even though your Mac has its own built-in malware scanner from Apple called xProtect, you should consider using one of the best Mac antivirus software solutions for additional protection. Paid antivirus software is often updated more frequently and you often also get access to other extras to help keep you safe online like a password manager or a VPN.

Besides updating your Mac frequently and using antivirus software, you must be careful online. This means sticking to trusted online retailers, carefully checking the URLs of the websites you visit and avoiding opening links and attachments sent to you via email or social media from people you don’t know. Likewise, you should also learn how to spot a phishing scam to know which emails you want to delete right away.

Conclusion 

The thing about hackers and other cybercriminals is that they are constantly evolving their tactics and attack methods. This helps them avoid detection and allows them to devise brand-new ways to trick ordinary people. With the surge we saw in Mac malware last year, though, Apple will likely be working on beefing up xProtect and macOS to better defend against these new threats.

References 

• https://www.scmagazine.com/news/new-macos-malware-spectralblur-idd-as-north-korean-backdoor
• https://www.tomsguide.com/news/this-new-macos-backdoor-lets-hackers-take-over-your-mac-remotely-how-to-stay-safe
• https://thehackernews.com/2024/01/spectralblur-new-macos-backdoor-threat.html