In 2023, the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) reported a significant rise in financial fraud involving cryptocurrencies such as bitcoin, ether, and tether. The IC3 received over 69,000 public complaints about cryptocurrency fraud, resulting in estimated losses exceeding $5.6 billion.
The report highlights that investment scams are the most pervasive form of cryptocurrency exploitation, responsible for nearly 71% of all cryptocurrency-related losses. Call centre frauds, including tech support scams and government impersonation schemes, accounted for about 10% of these losses. The decentralised nature of cryptocurrencies, coupled with the speed and irreversibility of transactions, makes them particularly attractive to criminals and poses substantial challenges in recovering stolen funds.
IC3 plays a central role in aggregating and analysing these complaints to identify trends and develop strategies to combat fraud. Timely and accurate complaint reporting is crucial for aiding law enforcement in their investigations.
Germany’s domestic intelligence agency has warned about a Russian cyber group tied to the military intelligence agency, GRU. Known as Unit 29155 or UNC2589, the group has been accused of launching cyberattacks against NATO and EU countries, escalating concerns about Russian interference. In a coordinated effort, Germany’s Bundesverfassungsschutz issued the alert in collaboration with the FBI, US cybersecurity agencies, and other international partners.
The warning follows a wave of suspicion across Europe regarding Russian cyber activities, particularly since the invasion of Ukraine in 2022. Earlier this year, Germany accused Russia of targeting the Social Democratic Party as well as industries like defence, aerospace, and logistics. These attacks have been attributed to UNC2589, also known by other names such as Cadet Blizzard or Ember Bear.
The cyber group is reportedly involved in espionage and sabotage, with tactics that include defacing websites and leaking stolen data. The GRU unit to which it belongs is notorious for its alleged role in the poisoning of former Russian double agent Sergei Skripal and his daughter Yulia in Britain in 2018, further cementing its reputation as a severe threat to international security.
New Mexico has filed a lawsuit against Snap Inc, alleging that Snapchat’s design facilitates the sharing of child sexual exploitation material. Attorney General Raul Torrez stated that a months-long investigation found Snapchat to be a key platform for sextortion, where predators coerce minors into sending explicit content.
Snap said it is reviewing the complaint and will respond in court. The company has invested significant funds into trust and safety measures and continues to work with law enforcement and safety experts to combat such issues.
Snapchat is widely used by teens due to its disappearing message feature, which has been criticised for misleading users. According to Torrez, predators can permanently capture the content, creating a virtual collection of child sexual images that are shared indefinitely.
Investigators opened a decoy Snapchat account as part of the investigation, discovering 10,000 records of child sexual abuse material on the dark web. Snapchat was identified as a major source of such content on these sites. New Mexico also sued Meta last December for similar reasons.
CrowdStrike is set to reveal the financial impact of a significant cyber outage that disrupted Microsoft’s Windows operating system last month. The incident, caused by a faulty software update, led to global disruptions, affecting various sectors, including aviation and healthcare.
The outage has sparked lawsuits, including one from Delta Air Lines, and has raised concerns about potential market share losses to rivals.
Following the outage, many customers have reconsidered their cybersecurity options. Competitors like Palo Alto Networks have seized the opportunity, offering discounts to attract customers, which analysts believe may have chipped away at CrowdStrike’s market share. Over half of the brokerages covering the company have reduced their annual revenue estimates, anticipating that CrowdStrike may lower its forecast.
Despite the challenges, CrowdStrike remains a dominant player in the cybersecurity industry. Some analysts believe the financial hit from the outage will be short-lived, given the high costs associated with switching providers and the company’s efforts to assist customers in restoring their systems. Shares of CrowdStrike have declined by about 20% since the outage, yet the stock is still up over 5% for the year.
As CrowdStrike prepares to report a 31% revenue increase for the quarter ending in July, its focus is on regaining trust and solidifying its position in the market. The company will also participate in a Microsoft summit in September aimed at enhancing cybersecurity measures, which could be crucial in repairing its reputation.
According to Lumen Technologies, a Chinese hacking group has exploited a software flaw, compromising several internet companies in the US and abroad. Researchers at Lumen revealed that the hackers targeted a previously unknown vulnerability in Versa Director, a software platform used by Santa Clara-based Versa Networks. The attack began early in June and affected four US firms and one in India.
Versa Networks acknowledged the flaw and urged customers to update their software. Lumen’s researchers believe the hacking campaign was conducted by the Chinese government-backed group, ‘Volt Typhoon.’
Allegedly, the attackers aimed to surveil the customers of the compromised internet companies. Cybersecurity experts warn that such access could enable broad, undetected surveillance.
The US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of known exploited weaknesses. Concerns over China’s cyber activities have grown, with US officials noting an increase in the intensity of these efforts. In April, the FBI warned that China was developing the capability to disrupt critical infrastructure.
Meta recently announced that it had detected attempts to hack WhatsApp accounts belonging to US officials from both the Biden and Trump administrations. The company linked these efforts to an Iranian hacker group, APT42, which has previously been connected to breaches in the Trump campaign. Meta described the attempts as a small-scale operation using social engineering tactics, where hackers posed as technical support from major companies like AOL, Google, Yahoo, and Microsoft.
After users flagged these suspicious activities, Meta blocked the accounts and confirmed that none of the targeted WhatsApp accounts had been compromised. The company explained that APT42 is known for deploying surveillance software on victims’ mobile devices, enabling them to access calls and text messages and even activate cameras and microphones without detection.
These hacking attempts are reportedly part of a broader campaign targeting US presidential campaigns earlier this month, just ahead of the upcoming presidential election. While Meta did not disclose the identities of those targeted, it indicated that the hackers focused on political and diplomatic figures, as well as business leaders from several countries, including the US, UK, Israel, the Palestinian territories, and Iran.
Meta’s findings underscore the ongoing risks of cyber-attacks targeting political figures and highlight the need for increased vigilance as the US heads into a critical election period.
The collaboration will focus on creating software tailored to Australia’s regulatory environment. Google will contribute its existing open-source vulnerability database and AI services, while CSIRO will apply its research expertise to enhance the project’s outcomes. The goal is to provide customised cybersecurity solutions that align with local laws and promote greater compliance and trust.
The partnership is part of Google’s commitment to invest A$1 billion in Australia over five years, a pledge made in 2021 amidst Australia’s efforts to enforce stricter regulations on global tech companies. The collaboration is seen as a critical step in bolstering the country’s defences against cyber threats.
Why does this matter?
The Australian government has recently imposed stricter requirements on critical infrastructure operators to report and prevent cyberattacks following a series of breaches that compromised the personal data of millions of Australians. The tools developed through this partnership aim to mitigate such risks and ensure the security of essential services.
The findings from this research will be made publicly available, ensuring that critical infrastructure operators can easily access the information and improve their cybersecurity measures.
Halliburton, a major US oilfield services company, experienced a cyberattack on Wednesday, affecting certain systems and disrupting business operations at its north Houston campus and global networks. The company is working with external experts to resolve the issue and has advised some staff not to connect to internal networks as they investigate the cause and impact of the attack.
Cyberattacks have become a significant concern for the energy sector following high-profile incidents like the 2021 Colonial Pipeline ransomware attack that led to fuel shortages and price spikes. Although details about the Halliburton attack remain unclear, ransomware attacks typically involve hackers encrypting data and demanding payment for its release, with threats to leak confidential information if their demands are not met.
Halliburton, one of the largest oilfield services firms globally, is now the latest in a series of major US companies targeted by cybercriminals, raising further alarm in an industry already on high alert for such threats.
German authorities have seized nearly €25 million in cash during a large-scale operation targeting illegal cryptocurrency ATMs. The operation uncovered 13 machines operating without the necessary permits, posing significant risks related to money laundering. These unlicensed ATMs were used for trading bitcoin and other cryptocurrencies, prompting swift action from the country’s financial regulator, BaFin.
Across 35 different locations in Germany, 13 ATMs were found. The lack of proper authorisation for these machines meant they could be exploited for illicit activities, heightening concerns about financial crimes within the cryptocurrency market. The seizure of such a large sum of cash underscores the scale of the problem and the authorities’ determination to clamp down on illegal financial operations.
Collaboration between BaFin, law enforcement agencies, and the German Bundesbank was key to the success of this operation. By working together, these organisations were able to effectively identify and shut down the unauthorised ATMs, preventing further potential misuse of these machines. The operation also highlights the ongoing efforts by German authorities to regulate the rapidly evolving world of cryptocurrency.
The seizure marks a significant step in Germany’s efforts to enforce stricter regulations on cryptocurrency trading. As the popularity of digital currencies grows, so too does the need for robust oversight to prevent financial crimes. The operation serves as a warning to those attempting to bypass regulations and operate outside the law in the cryptocurrency industry.
Microchip Technology experienced a cyber incident that disrupted certain servers and business operations, the company revealed on Tuesday. The disruption began after ‘potentially suspicious activity’ was detected in its IT systems over the weekend. Immediate steps were taken to assess and contain the situation, but the company’s manufacturing facilities have been operating below normal capacity, impacting its ability to fulfil orders.
The timing of the incident coincides with a challenging period for Microchip, as the company is already facing reduced demand for chips. Many clients are working through excess inventory accumulated during the COVID-19 pandemic, further complicating the situation. In response to the breach, Microchip has shut down specific systems and launched an investigation, enlisting external cybersecurity experts to assist in understanding the full scope of the attack.
While the exact nature and impact of the incident remain unclear, Microchip is working to determine whether the disruption will have a significant effect on its financial health. The company, whose shares dropped by approximately 2% in extended trading, continues to investigate the breach and mitigate its effects.