Latest news with #CloudSEK
The Print
a day ago
- Business
- The Print
CloudSEK detects Maharashtra-based counterfeit currency syndicates operating via social media
Sourajeet Majumder, a security researcher at CloudSEK, said the firm has reported about the syndicate to the law enforcement agencies with details of the cyber criminals along with their phone numbers, GPS location and supporting digital evidence. The report said that the earlier such syndicates were confined to the dark web and underground print shops and claimed that such syndicates were now operating in broad daylight through social media platforms like Facebook and Instagram. New Delhi, Jul 27 (PTI) Cyber intelligence firm CloudSEK has detected counterfeit currency syndicates based out of Maharashtra operating via social media platforms, the company said in a report. He said the counterfeit currency network was flourishing openly on social media platforms. 'In a first-of-its-kind investigation, CloudSEK's STRIKE team has not only quantified the spread — Rs 17.5 crore worth of fake Indian currency in just six months — but also attributed key individuals behind the operation using facial recognition, GPS data, and digital forensics,' the report said. CloudSEK is one of the cyber intelligence service providers to India cyber security watchdog CERT-In. The CloudSEK researchers found over 4,500 posts promoting counterfeit currency, more than 750 accounts and pages facilitating the sale and around 410 unique phone numbers linked to sellers. 'Adhering to its commitment to responsible disclosure and aiding national security, the comprehensive findings from this investigation, including the detailed attribution of threat actors, their phone numbers, precise GPS locations, and supporting digital evidence, have been formally furnished to relevant central and state law enforcement agencies,' Majumder said. He said that the critical intelligence has also been shared with appropriate regulatory authorities to enable swift and decisive action against this illicit network, safeguarding both the nation's financial stability and its citizens. PTI PRS HVA This report is auto-generated from PTI news service. ThePrint holds no responsibility for its content.
&w=3840&q=100)
Business Standard
2 days ago
- Business
- Business Standard
CloudSEK detects Maha-based counterfeit currency syndicates on social media
Cyber intelligence firm CloudSEK has detected counterfeit currency syndicates based out of Maharashtra operating via social media platforms, the company said in a report. The report said that the earlier such syndicates were confined to the dark web and underground print shops and claimed that such syndicates were now operating in broad daylight through social media platforms like Facebook and Instagram. Sourajeet Majumder, a security researcher at CloudSEK, said the firm has reported about the syndicate to the law enforcement agencies with details of the cyber criminals along with their phone numbers, GPS location and supporting digital evidence. He said the counterfeit currency network was flourishing openly on social media platforms. "In a first-of-its-kind investigation, CloudSEK's STRIKE team has not only quantified the spread -- Rs 17.5 crore worth of fake Indian currency in just six months -- but also attributed key individuals behind the operation using facial recognition, GPS data, and digital forensics," the report said. CloudSEK is one of the cyber intelligence service providers to India cyber security watchdog CERT-In. The CloudSEK researchers found over 4,500 posts promoting counterfeit currency, more than 750 accounts and pages facilitating the sale and around 410 unique phone numbers linked to sellers. "Adhering to its commitment to responsible disclosure and aiding national security, the comprehensive findings from this investigation, including the detailed attribution of threat actors, their phone numbers, precise GPS locations, and supporting digital evidence, have been formally furnished to relevant central and state law enforcement agencies," Majumder said. He said that the critical intelligence has also been shared with appropriate regulatory authorities to enable swift and decisive action against this illicit network, safeguarding both the nation's financial stability and its citizens.
Fox News
25-06-2025
- Fox News
Malware targets Mac users with fake CAPTCHA and AMOS Stealer
ClickFix, a social engineering tactic that has been targeting both Windows and Mac users since early 2024, continues to evolve. Just last month, I reported on how attackers were using fake CAPTCHA prompts to trick Windows users into installing malware themselves. Now, that same trick is being turned against macOS. Cybersecurity researchers have uncovered a new campaign using ClickFix to deliver Atomic macOS Stealer (AMOS), a powerful information-stealing malware targeting Apple systems. Security researchers at CloudSEK have identified a new threat targeting macOS users through imitation and deception. The campaign uses a technique known as ClickFix to lure victims through fake online verification prompts. This time, attackers are spoofing Spectrum, a major telecom provider in the United States. They use fraudulent domains that closely resemble Spectrum's real support portals. These include misleading addresses like panel spectrum net and spectrum ticket net. Visitors to these sites are shown a standard-looking CAPTCHA box, asking them to verify their identity. When they do, the site displays a fake error message that says the CAPTCHA failed. Users are encouraged to click a button labeled "Alternative Verification." This triggers a command to be copied silently to their clipboard. What happens next depends on the user's operating system. On macOS, instructions guide the user to paste and run the command in Terminal. That command is actually a shell script designed to steal information and download malware. The script is particularly dangerous because it uses legitimate macOS system commands. It asks for the system password, harvests credentials and disables security protections. It then downloads AMOS. This is a known information stealer with a history of targeting Apple devices. The malware collects sensitive data like passwords, cryptocurrency wallet keys, browser autofill data and saved cookies. Researchers believe the campaign was created by Russian-speaking attackers. Clues include comments written in Russian found within the malware's code. Analysts also noted that the delivery infrastructure was poorly assembled. Mismatched instructions appeared across devices. For example, Linux users were shown Windows commands. Mac users were told to press keys that only exist on Windows machines. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. ClickFix is a social engineering method that has rapidly gained popularity among cybercriminals. It relies on users trusting what they see and blindly following simple instructions. In this campaign, the attacker's goal is to make the victim execute the infection process themselves. Once the user follows through, the system is compromised without needing a traditional exploit. Researchers believe ClickFix has been active since at least March 2024. I first reported on it in June 2024, when attackers used fake error messages from Google Chrome, Microsoft Word and OneDrive to push their payloads. Victims were shown prompts offering a "fix," which copied a malicious PowerShell command to their clipboard. They were then instructed to paste and run it in PowerShell or through the Run dialog. By November 2024, the method had evolved further. A new wave of attacks targeted Google Meet users, beginning with phishing emails that mimicked internal meeting invites. These emails contained links that redirected to fake Meet landing pages designed to look like they came from the victim's own organization. To protect yourself from the evolving threat of ClickFix malware, which continues to target users through sophisticated social engineering tactics, consider implementing these six essential security measures: 1. Be skeptical of CAPTCHA prompts: Legitimate CAPTCHA tests never require you to paste anything into Terminal. If a website instructs you to do this, it's likely a scam. Close the page immediately and avoid interacting with it. 2. Don't click links from unverified emails and use strong antivirus software: Many ClickFix attacks also start with phishing emails that impersonate trusted services like or Google Meet. Always verify the sender before clicking on links. If an email seems urgent or unexpected, go directly to the company's official website instead of clicking any links inside the email. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Enable two-factor authentication: Enable two-factor authentication whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password. 4. Keep devices updated: Regularly updating your operating system, browser, and security software ensures you have the latest patches against known vulnerabilities. Cybercriminals exploit outdated systems, so enabling automatic updates is a simple but effective way to stay protected. 5. Monitor your accounts for suspicious activity and change your passwords: If you've interacted with a suspicious website, phishing email, or fake login page, check your online accounts for any unusual activity. Look for unexpected login attempts, unauthorized password resets, or financial transactions that you don't recognize. If anything seems off, change your passwords immediately and report the activity to the relevant service provider. Also, consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed Password Managers of 2025 here. 6. Invest in personal data removal service: Consider using a service that monitors your personal information and alerts you to potential breaches or unauthorized use of your data. These services can provide early warning signs of identity theft or other malicious activities resulting from ClickFix or similar attacks. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web Even experienced users can be tricked when malicious behavior is disguised as routine. The attack didn't just exploit a vulnerability in macOS, but also your familiarity with verification flows. As long as security instructions look like part of the usual experience, people will continue to run malicious code themselves. Mac users, like everyone else, need to treat every familiar-looking interface with a little more skepticism. Especially when it asks for your password. Do you think tech companies are doing enough to stop malware like ClickFix? Let us know by writing to us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Entrepreneur
21-06-2025
- Business
- Entrepreneur
Breach Blocker
"Think of it as a weather forecast for cyber threats. We don't just tell you it's raining hackers, we tell you where the lightning will strike next," says Rahul Sasi, Co-Founder and CEO, CloudSEK Opinions expressed by Entrepreneur contributors are their own. You're reading Entrepreneur India, an international franchise of Entrepreneur Media. When it comes to cybersecurity threats, Rahul Sasi believes in being one step ahead, always. "We like to think of ourselves as a digital immune system for enterprises. Instead of reacting to cyberattacks after the damage is done, we predict where the first punch will land and help you dodge it," says the co-founder and CEO of CloudSEK. Founded in 2015 by Sasi, a cybersecurity researcher turned entrepreneur—CloudSEK was built on the ethos of prevention over cure. The company has since evolved into a trusted cybersecurity partner for over 250 enterprises, including Fortune 500 companies and digital-first unicorns across banking, healthcare, and tech. "While most tools detect attacks after the fact, we identify Indicators of Attack (IOAs), signals from the reconnaissance phase so customers can act before the breach happens." He adds, "Think of it as a weather forecast for cyber threats. We don't just tell you it's raining hackers, we tell you where the lightning will strike next." This proactive approach has earned CloudSEK a 4.8-star rating on Gartner Peer Insights across nearly 200 reviews, and recognition as the number one threat intelligence provider in APAC. "We've been recognised as a Customer First Vendor—proof that we're solving real problems, not just ticking compliance boxes," adds Sasi. With USD 40 million in total funding and a presence in five countries, CloudSEK is now doubling down on global expansion, particularly in the U.S., India, and UAE. The recent Series A2 and B1 rounds brought in USD 19 million, which will be used to further refine its AI models and deepen platform integration. "In cybersecurity, the moment you stand still, you're already behind," says Sasi. To stay ahead in a rapidly evolving landscape, CloudSEK has embraced a culture of relentless innovation. "We treat innovation like a Formula 1 pit crew—constantly tuning, upgrading, and pushing the limits," he says. The company is leveraging generative AI, crowdsourced threat intelligence, and real-time analytics to reduce response times and enhance threat visibility. CloudSEK's R&D and threat research teams work closely together to anticipate threat patterns and shape new detection models. "We're not just reacting to trends, we're setting them," Sasi adds. Despite strong tech and traction, Sasi admits the hardest challenge isn't technological, it's behavioural. "Getting organisations to shift from reactive to proactive security. Most teams still wait for a breach to happen before they act. It's like using GPS after you're already lost," he says. To change this mindset, CloudSEK builds intelligence frameworks that guide CISOs to ask the right questions first. "If we can help a company move from 'prevent' to 'predict,' they're not just more secure, they're ahead of the curve." On the business front, CloudSEK is inching closer to profitability. The company has grown 3x in the last two years and currently operates on an 81% gross margin, with positive cash flow expected in the next quarter. "We're built on a recurring revenue model. Think of it like a snowball rolling downhill—our base is expanding, and the platform is becoming stickier, so growth becomes more predictable and more profitable," Sasi notes. While headquartered in Singapore, CloudSEK's operations span India, the U.S., UK, and Brazil. With over 60 per cent of its new revenue coming from international markets, the U.S. has emerged as the fastest-growing region.
Forbes
08-06-2025
- Forbes
New Apple Passwords Attack Confirmed — What You Need To Know
New macOS password attack hits Apples users. Although it is far more commonplace to read about password attacks against users of the Windows operating system, or targeting services such as Gmail, the truth of the matter is that nobody is safe from the credential-theft threat as this newly confirmed Apple password-stealing attack illustrates. Here's what you need to know about the AMOS campaign targeting macOS users. The latest adversary intelligence report from Koushik Pal, a threat researcher at CloudSEK, has warned users that a newly identified Atomic macOS stealer campaign utilizing a previously unknown variant has been observed targeting the Apple operating system. Although this latest and ongoing threat leverages well-known existing tactics and techniques, such as the Clickfix fake CAPTCHA screen and multi-platform social engineering, the danger it poses to macOS users remains high nonetheless. Better known as AMOS, this latest variant of the Atomic macOS Stealer has been observed using Clickfix attack sites that impersonate a U.S. support services company within the cable TV, internet provision, mobile phone, and managed services sectors. The brand impersonation in this case is made possible by way of typo-squatting domains that appear similar to the genuine article. 'The macOS users are served a malicious shell script designed to steal system passwords and download an AMOS variant for further exploitation,' Pal warned. This script then uses native macOS commands to 'harvest credentials, bypass security mechanisms, and execute malicious binaries.' This is, to be fair, as significant a threat to your Apple passwords as you are going to get. Targeting both consumer and corporate users, and highlighting a trend in such multi-platform social engineering attacks, Pal said that source code comments suggested that Russian-speaking cybercriminals are behind the new AMOS threat campaign. The AMOS malware utilises legitimate utilities to circumvent endpoint security controls and extract macOS user passwords, which can then be used for lateral movement or sold to initial access brokers for use in other cybercriminal campaigns, including ransomware attacks. Users should be educated about the tactics used by such Apple passwords-stealing campaigns, Pal recommended by way of mitigation, 'especially those disguised as system verification prompts.'
