#FactCheck-Air Taxi is a prototype and is not launched to commercial public
Executive Summary:
Recent reports circulating on various social media platforms have falsely claimed that an air taxi prototype is operational and providing services between Amritsar, Chandigarh, Delhi, and Jaipur. These claims, accompanied by images and videos, have been widely shared, leading to significant public attention. However, upon conducting a thorough examination using reverse image search, it has been determined that the information is misleading and inaccurate. These assertions do not reflect the current reality and are not substantiated by credible sources

Claim:
The claim suggests that an air taxi prototype is already operational, servicing routes between Amritsar, Chandigarh, Delhi, and Jaipur. This assertion is accompanied by images of a futuristic aircraft, implying that such technology is currently being used to transport commercial passengers.

Fact Check:
The claim of air taxi and routes between Amritsar, Chandigarh, Delhi, and Jaipur has been found to be misleading. Also, so far, neither the Indian government nor the respective aviation authorities have issued any sort of public declarations nor industry insiders to claim any launch of any air taxi service. Further research followed a keyword-based search that directed us to a news report published in The Times of India on January 20, 2025. A similar post to the one seen in the viral video accompanied the report. It stated that Bengaluru-based aerospace startup Sarla Aviation launched its prototype air taxi called “Shunya” during the Bharat Mobility Global Expo. Under this plan, it looks to initiate electric flying taxis in Bangalore by 2028. This urban air transport program for India will be similar to what they are posting in this regard.

Conclusion:
The viral claim saying that there is an air taxi service in India between Amritsar, Chandigarh, Delhi, and Jaipur is entirely false. The pictures and information going viral are misleading and do not relate to any progress or implementation of air taxi technology in India. To date, there is no official confirmation or credible evidence that supports such a service. Information must be verified from reliable sources before it is believed or shared in order to prevent the spread of misinformation.
- Claim: A viral post claims an air taxi is operational between Amritsar, Chandigarh, Delhi, and Jaipur.
- Claimed On: Social Media
- Fact Check: False and Misleading
Related Blogs

Executive Summary:
Social media is buzzing with a link that claims to offer an iPhone 15 as a gift from LuLu Hypermarket, presented as part of Holi celebrations. This article examines the deceptive tactics behind this fraudulent offer and provides guidance on recognizing and avoiding such scams.
False Claim:
The link being shared is misleading and falsely claims that LuLu Hypermarket is giving away free iPhone 15 phones. This is taking advantage of the Holi festival to trick unsuspecting people. When users click on the link, they are redirected multiple times and end up on a page with LuLu Hypermarket's photo and some simple questions. Fake comments are also used to make the offer seem genuine, but it is all a deception.
The Deceptive Scheme:
The plan uses psychological tricks by linking the offer to a famous brand and a popular celebration. The landing page's simplicity and phoney comments try to make users trust it and feel like they need to act fast, so they'll join the scam.
The Fraudulent Campaign Analysed:
The scammers are using psychological tactics to manipulate people. They're exploiting the trust people have in LuLu Hypermarket and the excitement around the new iPhone 15 during the Holi festival. The fake questionnaire serves no real purpose, but it's a way to engage users and make the scam seem legitimate. Testimonials claiming people have successfully received the iPhone 15 are also fake, designed to create a false sense of credibility. Users are prompted to select a "gift box," which adds an interactive element to draw them in further. When a user selects a box, they're falsely congratulated on winning the iPhone 15, giving them a sense of accomplishment. Finally, users are urged to share the link via WhatsApp to "claim" the gift, spreading the scam to more potential victims.
What do we Analyse? :
- We analyse the deceptive tactics employed by the scam, including psychological manipulation, false engagement techniques, and fake testimonials, all aimed at convincing users of the offer's legitimacy.
Link : (https://sophisticateddistort[.]top/nTiwpTTTT526?llue1696559991144)
- It is important to note that at this particular point, there has not been any official declaration or a proper confirmation of an offer made by Lulu Hypermarket So, people must be very careful when encountering such messages because they are often employed as lures in phishing attacks or misinformation campaigns. Before engaging or transmitting such claims, it is always advisable to authenticate the information from trustworthy sources in order to protect oneself online and prevent the spread of wrongful information
- The campaign is hosted on a third party domain instead of any official Website of LuLu Hypermarket, this raised suspicion. Also the domain was registered last year.
- The intercepted request revealed a connection to a China-linked analytical service, Baidu in the backend.

- Domain Name: sophisticateddistort.top
- Registry Domain ID: D20230629G10001G_04181852-top
- Registrar WHOIS Server: whois.west263.com
- Registrar URL: www.west263.com
- Updated Date: 2023-07-01T02:55:34Z
- Creation Date: 2023-06-29T06:05:00Z
- Registry Expiry Date: 2024-06-29T06:05:00Z
- Registrar: Chengdu west dimension digital
- Registrant State/Province: Shan Xi
- Registrant Country: CN (China)
- Name Server: curt.ns.cloudflare.com
- Name Server: harlee.ns.cloudflare.com
Note: Cybercriminal used Cloudflare technology to mask the actual IP address of the fraudulent website.
CyberPeace Advisory:
- Do not open those messages received from social platforms in which you think that such messages are suspicious or unsolicited. In the beginning, your own discretion can become your best weapon.
- Falling prey to such scams could compromise your entire system, potentially granting unauthorised access to your microphone, camera, text messages, contacts, pictures, videos, banking applications, and more. Keep your cyber world safe against any attacks.
- Never, in any case, reveal such sensitive data as your login credentials and banking details to entities you haven't validated as reliable ones.
- Before sharing any content or clicking on links within messages, always verify the legitimacy of the source. Protect not only yourself but also those in your digital circle.
- For the sake of the truthfulness of offers and messages, find the official sources and companies directly. Verify the authenticity of alluring offers before taking any action.
Conclusion:
During the festive season, as we engage in merrymaking and online activities, we should be mindful of fraudster's exploitation strategies. Another instance is the illegitimate Lulu Hypermarket offer of the upcoming iPhone 15. With the knowledge and carefulness, we can report any suspicious actions to avoid being victims of fraud in this way. Keep in mind the fact that legitimate offers are usually issued by trustworthy sources while if, the offer looks too good to be true, then it is rather a scam.

Introduction
Data protection has been a critical aspect of advocacy and governance all across the world. Data fuels our cyber-ecosystem and strengthens the era of emerging technologies. All industries and sectors are now dependent upon the data of the user. The governments across the world have been deliberating internally to address the issue and legality of Data protection and privacy. The Indian government has witnessed various draft bills and policies focusing on Data protection over the years, and the contemporary bill is the Digital Personal Data Protection Bill, 2023, which was tabled at the Lok Sabha (Lower House of Parliament) on 03 August for discussions and parliamentary assent.
What is DPDP, 2023?
The goal of the complete and comprehensive Digital Personal Data Protection Bill of 2023 is to establish a framework for the protection of personal data in India. The measure acknowledges the significance of protecting personal data and seeks to strike a balance between the necessity to process personal data for legitimate purposes and the right of individuals to do so. The bill establishes a number of crucial expressions and ideas associated with the protection of personal data, including “data fiduciary,” “data principal,” and “sensitive personal data.” It also emphasises the duties of data fiduciaries, including the need to establish suitable security measures to preserve personal data and the need to secure data principals’ consent before processing their personal information. The measure also creates the Data Protection Board of India, which would implement its requirements and guarantee data fiduciaries’ compliance. The board will have the authority to look into grievances, give directives, and impose sanctions for non-compliance.
Key Features of the Bill
The bill tabled at the parliament has the following key features:
- The 2023 bill imposes reasonable obligations on data fiduciaries and data processors to safeguard digital personal data.
- Under the 2023 bill, a new Data Protection Board is established, which will ensure compliance, remedies and penalties.
- Under the new bill, the Board has been entrusted with the power equivalent to a civil court, such as the power to take cognisance in response to personal data breaches, investigate complaints, imposing penalties. Additionally, the Board can issue directions to ensure compliance with the act.
- The 2023 bill also secures more rights of Individuals and establishes a balance between user protection and growing innovations.
- The bill creates a transparent and accountable data governance framework by giving more rights to individuals.
- There is an Incorporation of Business-friendly provisions by removing criminal penalties for non-compliance and facilitating international data transfers.
- The new 2023 bill balances out fundamental privacy rights and puts reasonable limitations on those rights.
- The new data protection board will carefully examine the instance of non-compliance by imposing penalties on non-compiler.
- The bill does not provide any express clarity in regards to compensation to be granted to the Data Principal in case of a Data Breach.
- Under 2023 Deemed consent is there in its new form as ‘Legitimate Users’ pertaining to the conditions in regard to Sovernity and Intergrity of India.
- There is an introduction of the negative list, which restricts cross-data transfer.
Additionally, the measure makes special provisions for the processing of children’s personal data and acknowledges the significance of protecting children’s privacy. Additionally, it highlights the rights of the data subjects, including their right to access their personal information, their right to have wrong information corrected, and their right to be forgotten.
Drive4CyberPeace
A campaign was undertaken by CyberPeace to gain a critical understanding of what people understand about Data privacy and protection in India. The 4-month long campaign led to a pan-India interaction with netizens from different areas and backgrounds. The thoughts and opinions of the netizens were understood and collated in the form of a whitepaper which was, in turn, presented to Parliamentarians and government officials. The whitepaper laid the foundation of the recommendations submitted to the Ministry of Electronics and Information Technology as part of the stakeholder consultation.
Conclusion
Overall, the Digital Personal Data Protection Bill of 2023 is an important step towards safeguarding Indian citizens’ privacy and personal data. It creates a regulatory agency to guarantee compliance and enforcement and offers a thorough framework for data protection. The law includes special measures for the protection of sensitive personal data and the personal data of children and acknowledges the significance of striking a balance between the right to privacy and the necessity of data processing.

Overview:
A recent addition to the list of cybercrime is SharpRhino, a RAT (Remote Access Trojan) actively used by Hunters International ransomware group. SharpRhino is highly developed and penetrates into the network mask of IT specialists, primarily due to the belief in the tools’ legitimacy. Going under the genuine software installer, SharpRhino started functioning in mid-June 2024. However, Quorum Cyber discovered it in early August 2024 while investigating ransomware.
About Hunters International Group:
Hunters International emerged as one of the most notorious groups focused on ransomware attacks, having compromised over 134 targets worldwide in the first seven months of 2024. It is believed that the group is the rebranding of Hive ransomware group that was previously active, and there are considerable similarities in the code. Its focus on IT employees in particular demonstrates the fact that they move tactically in gaining access to the organizations’ networks.
Modus Operandi:
1. Typosquatting Technique
SharpRhino is mainly distributed by a domain that looks like the genuine Angry IP Scanner, which is a popular network discovery tool. The malware installer, labeled as ipscan-3.9.1-setup. It is a 32-bit Nullsoft installer which embeds a password protected 7z archive in it.
2. Installation Process
- Execution of Installer: When the victim downloads and executes the installer and changes the windows registry in order to attain persistence. This is done by generating a registry entry that starts a harmful file, Microsoft. AnyKey. exe, are fakes originating from fake versions of true legitimate Microsoft Visual Studio tools.
- Creation of Batch File: This drops a batch file qualified as LogUpdate at the installer.bat, that runs the PowerShell scripts on the device. These scripts are to compile C# code into memory to serve as a means of making the malware covert in its operation.
- Directory Creation: The installer establishes two directories that allow the C2 communication – C:\ProgramData\Microsoft: WindowsUpdater24 and LogUpdateWindows.
3. Execution and Functionality:
- Command Execution: The malware can execute PowerShell commands on the infected system, these actions may involve privilege escalation and other extended actions such as lateral movement.
- C2 Communication: SharpRhino interacts with command and control servers located on domains from platforms such as Cloudflare. This communication is necessary for receiving commands from the attackers and for returning any data of interest to the attackers.
- Data Exfiltration and Ransomware Deployment: Once SharpRhino has gained control, it can steal information and then proceed to encrypt it with a .locked extension. The procedure generally concludes with a ransom message, which informs users on how to purchase the decryption key.
4. Propagation Techniques:
Also, SharpRhino can spread through the self-copying method, this is the virus may copy itself to other computers using the network account of the victim and pretending to be trustworthy senders such as emails or network-shared files. Moreover, the victim’s machine may then proceed to propagate the malware to other systems like sharing in the company with other employees.
Indicators of Compromise (IOCs):
- LogUpdate.bat
- Wiaphoh7um.t
- ipscan-3.9.1-setup.exe
- kautix2aeX.t
- WindowsUpdate.bat
Command and Control Servers:
- cdn-server-1.xiren77418.workers.dev
- cdn-server-2.wesoc40288.workers.dev
- Angryipo.org
- Angryipsca.com
Analysis:

Graph:

Precautionary measures to be taken:
To mitigate the risks posed by SharpRhino and similar malware, organizations should implement the following measures:
- Implement Security Best Practices: It is important only to download software from official sites and avoid similar sites to confuse the user by changing a few letters.
- Enhance Detection Capabilities: Use technology in detection that can detect the IOCs linked to Sharp Rhino.
- Educate Employees: Educate IT people and employees on phishing scams and the requirement to check the origin of the application.
- Regular Backups: It is also important to back up important files from systems and networks in order to minimize the effects of ransomware attacks on a business.
Conclusion:
SharpRhino could be deemed as the evolution of the strategies used by organizations like Hunters International and others involved in the distribution of ransomware. SharpRhino primarily focuses on the audience of IT professionals and employs complex delivery and execution schemes, which makes it an extremely serious threat for corporate networks. To do so it is imperative that organizations have an understanding of its inner workings in order to fortify their security measures against this relatively new threat. Through the enforcement of proper security measures and constant enlightenment of organizations on the importance of cybersecurity, firms can prevent the various risks associated with SharpRhino and related malware. Be safe, be knowledgeable, and most importantly, be secure when it comes to cyber security for your investments.
Reference:
https://cybersecuritynews.com/sharprhino-ransomware-alert/
https://cybersecsentinel.com/sharprhino-explained-key-facts-and-how-to-protect-your-data/
https://www.dataprivacyandsecurityinsider.com/2024/08/sharprhino-malware-targeting-it-professionals/