The UK’s Financial Conduct Authority (FCA) has successfully prosecuted two men, Raymondip Bedi and Patrick Mavanga, for running a £1.5 million cryptocurrency investment fraud that misled 65 investors. Between 2017 and 2019, Bedi and Mavanga lured investors through cold calls and fraudulent, professional-looking websites, offering high returns on fake crypto platforms. The tactic resulted in substantial losses for their victims, totalling over £1.5 million.
The FCA charged both men with conspiracy to defraud, operating without FCA authorisation, and money laundering. Mavanga also faced additional charges for perverting the course of justice by deleting phone records linked to the scheme. The prosecution underscores the FCA’s mandate to uphold financial service standards and highlights the importance of being wary of unsolicited calls and online investment offers.
Two other suspects were involved: Rowena Bedi was acquitted, while a third defendant awaits a retrial in 2025. Another individual, Minas Filippidis, remains at large. The FCA advises consumers to stay vigilant against scams and only trust financial services authorised by the agency.
Rocket Lab, a leading player in the small satellite launch industry, announced that its CEO Peter Beck’s account on X (formerly Twitter) was compromised on Wednesday. The company, which has a market valuation of $6.5 B and manufactures the Electron rocket, confirmed that they are working closely with X to secure Beck’s account.
The breach came to light after a suspicious post from Beck’s account promoted a new Ethereum-based token supposedly aimed at funding space-themed projects. Rocket Lab quickly issued a statement clarifying that this post was not official, and their team is collaborating with X to restore account control.
Rocket Lab is actively addressing the issue, emphasising their commitment to safeguarding their leadership’s social media presence against further cybersecurity breaches.
A South Korean detective has helped bring down a Bitcoin mining scam operation after accidentally becoming one of its targets. The scammers, who operated an illegal call centre, contacted the detective in April, unaware of his position. Realising it was a scam, the detective pretended to fall for the “high-yield” Bitcoin investment scheme, providing his details as if he was interested in investing. This move allowed police to trace the call and investigate further.
Following the detective’s lead, officers were able to track down the scam’s headquarters in Incheon, arresting 81 individuals involved. Among them were those suspected of buying leaked personal data and using fake SIM cards to contact potential victims. Nine key members, including the suspected ringleader, have been detained, while others face charges related to economic crimes and data privacy violations.
Police revealed the group had been running the scheme since October last year, defrauding at least 50 victims. They allegedly lured investors by offering small “dividends” during a free trial period, then asking for larger sums. Altogether, the group is thought to have raised over $1.6 million, promising easy profits through Bitcoin mining. Authorities have urged the public to be cautious of schemes that promise high returns with minimal effort, warning these are often fraudulent.
Italy’s data protection authority has criticised Intesa Sanpaolo for underestimating the severity of a data breach that affected thousands of customers, including Prime Minister Giorgia Meloni. The breach, which involved an Intesa employee accessing the data of around 3,500 clients, was initially reported with a higher number of affected individuals. However, the bank later clarified that the number was lower than what had been reported in the media.
The data watchdog instructed Intesa to notify all impacted customers within 20 days and noted that the bank had not adequately communicated the full scope of the breach. The authority emphasised that the breach posed a significant risk to the affected individuals’ rights and freedoms, including potential harm to their financial status and reputation. Intesa had already dismissed the employee involved and informed both the data protection authority and prosecutors.
The authority is now reviewing the bank’s security measures and has asked Intesa to provide an update within 30 days. In response, the bank assured that it had prioritised customer data security and had taken steps to enhance its systems and control procedures. Intesa also stated there was no evidence that the data had been shared outside the bank.
A Chinese state-sponsored hacking group, Volt Typhoon, reportedly breached Singapore Telecommunications (SingTel) in June as part of a broader cyber campaign targeting telecom companies and critical infrastructure globally.
SingTel confirmed that malware was detected during the breach but assured there was no data exfiltrated or service disruption. The company took immediate action, reporting the incident to authorities, though it could not confirm if the breach was the same event mentioned in media reports.
Chinese officials have denied involvement in the attack, with a spokesperson asserting that China opposes all forms of cyberattacks. Volt Typhoon, previously linked to cyberattacks on critical US infrastructure, is believed to have used this incident as a test for potential future attacks on US telecom firms. The breach highlights the growing concerns over Chinese cyber activities targeting global critical infrastructure.
The head of US cybersecurity, Jen Easterly, announced Monday that, despite an increase in disinformation targeting the 2024 presidential election, there has been no evidence of interference capable of affecting the election outcome. Easterly noted the unprecedented levels of false information spreading across online platforms, much of which has been attributed to foreign actors aiming to sow division among voters.
US authorities have pointed to Russia as one of the primary sources of election-related disinformation, including a widely circulated fake video in Georgia showing an immigrant falsely claiming to have voted multiple times. Officials say that similar tactics are expected to continue beyond Election Day, targeting trust in the electoral process through to January.
Easterly assured voters that election security is stronger than ever, thanks to enhanced protective measures and improved preparedness across voting jurisdictions. Her message emphasised the government’s ongoing commitment to maintaining safe, secure, and reliable elections for all Americans.
Aleksei Andriunin, the founder of cryptocurrency firm Gotbit, has been indicted in the US for alleged involvement in a conspiracy to manipulate cryptocurrency markets. The Justice Department claims that Andriunin and his firm provided market manipulation services to increase artificial trading volumes for various cryptocurrency companies from 2018 to 2024.
The superseding indictment also names Gotbit’s directors, Fedor Kedrov and Qawi Jalili, who were already charged earlier in October. Prosecutors allege that these actions aimed to distort the cryptocurrency markets, with several companies, including some in the United States, reportedly benefitting from these tactics.
If convicted, Andriunin faces significant penalties, with wire fraud charges carrying a potential 20-year prison sentence. He could also face an additional five years for conspiracy charges. The allegations form part of a larger crackdown on crypto market manipulation, which has already led to several arrests and asset seizures worth $25 million.
Recent moves by federal prosecutors highlight a more aggressive stance on crypto-related fraud. They have targeted multiple firms, including Gotbit, and several leaders have already agreed to plead guilty. The crackdown aims to strengthen transparency and curb malpractice in the cryptocurrency market.
Canada’s signals intelligence agency has identified China’s hacking activities as the most significant state-sponsored cyber threat facing the country, according to a new threat assessment. The Communications Security Establishment (CSE) highlighted China’s advanced and aggressive cyber campaigns, describing them as highly sophisticated and primarily targeting political and commercial objectives, including espionage, intellectual property theft, and influence operations. This announcement comes amid strained relations between Ottawa and Beijing, fueled by past allegations of Chinese interference in Canada’s electoral process.
The CSE report also noted that Russia’s cyber operations are active in attempts to destabilise Canada and its allies, while Iran poses an additional cyber threat. These findings underscore the ongoing cyber challenges Canada faces from multiple state actors seeking influence and intelligence. The Chinese embassy in Ottawa has not yet commented on the CSE report, and Beijing has historically rejected similar accusations.
Canadian authorities have grown increasingly vocal about foreign interference, with Prime Minister Justin Trudeau previously accusing China of election meddling. Security experts warn that Canada will need to strengthen defenses as geopolitical tensions continue to heighten cyber risks.
Six Democratic senators have urged the Biden administration to address critical concerns about human rights and cybersecurity in the upcoming United Nations Cybercrime Convention, which is set for a vote at the UN General Assembly. In a letter to top officials, including Secretary of State Antony Blinken and National Security Adviser Jake Sullivan, the senators—Tim Kaine, Jeff Merkley, Ed Markey, Chris Van Hollen, Ron Wyden, and Cory Booker—expressed alarm over the convention’s handling of privacy rights, freedom of expression, and cybersecurity.
The letter warns that the current version of the treaty, supported by US lead negotiator Ambassador Deborah McCarthy, risks aligning the US with repressive regimes under the pretence of cybersecurity. The senators voiced concerns that the treaty, which originated as a Russian proposal in 2017, could enable authoritarian states to legitimise surveillance, suppress dissent, and infringe on human rights globally.
While the Biden administration tried to revise the text, the senators argued that these changes needed revision. The treaty’s provisions require countries to enact laws that allow local law enforcement access to electronic data, threaten privacy rights, and potentially enable surveillance without judicial oversight. The top diplomat warned of serious fallout if the US fails to back the treaty.
The letter also criticises the treaty for lacking clear protections for journalists and security researchers, whose work often involves uncovering vulnerabilities that malicious actors could exploit. The senators warn that this oversight could weaken cybersecurity without explicit safeguards, making sensitive systems more vulnerable to attack.
JP Morgan Chase has initiated lawsuits against customers accused of exploiting a glitch to withdraw large sums from its ATMs. The viral ‘infinite money glitch’ trend on TikTok involved users writing large cheques to themselves, depositing them, and withdrawing the money before the cheques were returned as invalid.
The lawsuits target two individuals and two businesses, demanding the return of funds with interest, reimbursement of overdraft fees, and coverage of legal expenses. In a court filing, JP Morgan revealed that one incident involved a $335,000 cheque deposited on 29 August, with over $290,000 still owed after the cheque was deemed counterfeit.
Bank officials stressed their commitment to fraud prevention, describing bank fraud as a serious crime in court documents. The total amount linked to the defendants in the lawsuits exceeds $660,000. Typically, banks permit customers to withdraw only part of a cheque’s value until it clears.
The Wall Street Journal recently reported that the bank closed the loophole shortly after the glitch went viral. An ongoing investigation by JP Morgan is reviewing thousands of potential fraud cases tied to the incident.
