Digital Lutera: The New Face of UPI Fraud
Cyber intelligence firm CloudSEK has identified a new cybersecurity threat called Digital Lutera, targeting UPI apps and exploiting device trust to conduct unauthorized financial transactions. This sophisticated attack involves manipulating Android systems to intercept messages and bypass traditional security measures, posing a significant risk to digital payments.
- Country:
- India
Emerging technology is being leveraged by online fraudsters to compromise the security of UPI apps, as revealed by a CloudSEK report. The cyber intelligence firm warns of a new threat dubbed 'Digital Lutera,' a toolkit facilitating unauthorized financial transactions by disrupting device trust.
CloudSEK's investigation uncovered at least 20 active groups on Telegram, each exceeding 100 members, discussing and sharing this potent kit. Unlike typical malware, Digital Lutera strategically manipulates operating systems, rendering usual security measures like SIM-binding ineffective.
The firm reported transactions up to Rs 30 lakh over two days within a single group, underscoring the rapid growth and potential scale of the fraud. The attack begins with users unknowingly downloading malicious APKs, leading to SMS permissions being exploited. The manipulative technology deceives UPI apps into registering fake transactions, despite the SIM never leaving the victim's phone.
Google News