DOJ seizes $2.3 million Bitcoin from Chaos ransomware

The US Department of Justice has moved to seize over $2.3 million in Bitcoin tied to a member of the Chaos ransomware group. The funds, taken from a wallet linked to the individual known as ‘Hors’, are alleged to be proceeds of extortion and money laundering.

Chaos operates as a ransomware-as-a-service group, renting its malware to affiliates targeting Windows, Linux, and NAS systems. The group has been active since early 2025 and is known for encrypting victims’ data while demanding crypto payments under threat of public leaks.

US federal agents accessed the wallet in April using a recovery seed phrase from an older Electrum platform and transferred the assets to a government-controlled address. The DOJ said the operation demonstrates growing success in disrupting ransomware-related crypto flows.

Despite the seizure, challenges remain as such groups evolve their tactics and benefit from the relative anonymity of decentralised platforms. Authorities stress that continued cross-agency cooperation and advances in blockchain forensics are essential in combating future threats.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

US senator urges Musk to block Starlink use by Southeast Asian criminal networks

US Senator Maggie Hassan has called on SpaceX CEO Elon Musk to take immediate action against transnational criminal groups in Southeast Asia, which are allegedly using Starlink satellite internet to perpetrate massive online fraud schemes targeting American citizens.

In a letter seen by Reuters, the senator highlighted the growing role of Starlink in enabling so-called ‘scam compounds’ operated by criminal syndicates across Myanmar, Thailand, Cambodia, and Laos.

According to the US Treasury’s Financial Crimes Enforcement Network, the fraud networks have collectively cost Americans billions of dollars.

Senator Hassan emphasised that although SpaceX’s service rules allow for termination of access in cases of fraudulent activity, Starlink appears to remain active in regions where these scams flourish. She urged Musk to uphold SpaceX’s stated standards and take responsibility for cutting off illicit use of the service.

The scam compounds in question are more than just virtual hubs; reportedly, they are the sites of forced labour and human trafficking. Reports, including those from the UN, detail how hundreds of thousands of people have been trafficked into these centres, where they are coerced into operating elaborate online fraud schemes. These often target victims in the US and around the world through phishing messages, fake investment offers, and digital extortion.

The region has taken some steps to curb these operations. Since February, Thailand has actively disrupted resources such as electricity and internet to areas along its border with Myanmar, notably Myawaddy, where many scam centres are based. However, satellite services like Starlink can bypass these traditional infrastructure shutdowns, enabling fraud operations to persist despite regional crackdowns.

The criminal networks, many of which have roots in China, have also captured international attention due to high-profile cases. One such case was the January abduction of Chinese actor Wang Xing, who was kidnapped after arriving in Thailand and later rescued across the border in Myanmar by Thai authorities.

The incident further exposed these networks’ dangerous and organised nature, prompting broader calls for transnational cooperation and tech-sector accountability.

Source: Reuters


AI fuels new wave of global security breaches

Global corporations are under growing threat from increasingly sophisticated cyber attacks as AI tools boost the capabilities of malicious actors.

Allianz Life recently confirmed a breach affecting most of its 1.4 million North American customers, adding to a string of high-profile incidents this year.

Microsoft is also contending with the aftermath of a wide-scale intrusion, as attackers continue to exploit AI-driven methods to bypass traditional defences.

Cybersecurity firm DeepStrike reports that over 560,000 new malware samples are detected daily, underscoring the scale of the threat.

Each month in 2025 has brought fresh incidents. January saw breaches at the UN and Hewlett-Packard, while crypto lender zkLend lost $9.5 million to hackers in February.

March was marked by a significant attack on Elon Musk’s X platform, and Oracle lost six million data records.

April and May were particularly damaging for retailers and financial services. M&S, Harrods, and Coinbase were among the prominent names hit, with the latter facing a $20 million ransom demand. In June, luxury brands and media companies, including Cartier and the Washington Post, were also targeted.


Crypto hacks hit $3.1 billion by mid-2025

Cyberattacks and scams have already cost the crypto sector more than $3.1 billion in 2025, making it one of the sector's most damaging years. Hacken’s mid-year report reveals that access control failures and social engineering tactics remain the primary culprits.

The most significant single incident occurred in Q1, when Bybit suffered a $1.5 billion breach, accounting for 83% of all Q1 losses. Access control weaknesses were responsible for around $1.83 billion, or 59% of funds lost across both DeFi and CeFi platforms.

Decentralised finance projects were hit particularly hard, with $300 million drained in Q2 alone. Smart contract vulnerabilities contributed to $263 million in losses, including a $223 million hit in the Cetus exploit.

Meanwhile, phishing scams reached new heights, with one incident in April involving a $330 million Bitcoin theft.

Q2 had fewer access breaches than Q1, but single leaks caused rapid, large-scale losses. Hacken’s report concludes that improved cybersecurity is essential for building trust and protecting innovation in the growing blockchain space.


Allianz breach affects most US customers

Allianz Life has confirmed a major cyber breach that exposed sensitive data from most of its 1.4 million customers in North America.

The attack was traced back to 16 July, when a threat actor accessed a third-party cloud system using social engineering tactics.

The cybersecurity breach affected a customer relationship management platform but did not compromise the company’s core network or policy systems.

Allianz Life acted swiftly by notifying the FBI and other regulators, including the attorney general’s office in Maine.

Those impacted are offered two years of credit monitoring and identity theft protection. The company has begun contacting affected individuals but declined to reveal the full number involved due to an ongoing investigation.

No other Allianz subsidiaries were affected by the breach. Allianz Life employs around 2,000 staff in the US and remains a key player within the global insurer’s North American operations.


Agentic AI forces rethink of cloud infrastructure

Cybersecurity experts warn that reliance on traditional firewalls and legacy VPNs may create more risk than protection. These outdated tools often lack timely updates, making them prime entry points for cyber attackers exploiting AI-powered techniques.

Many businesses depend on ageing infrastructure, unaware that unpatched VPNs and web servers expose them to significant cybersecurity threats. Experts urge companies to abandon these legacy systems and modernise their defences with more adaptive, zero-trust models.

Meanwhile, OpenAI’s reported plans for a productivity suite challenge Microsoft’s dominance, promising simpler interfaces powered by generative AI. The shift could reshape daily workflows by integrating document creation directly with AI tools.

Agentic AI, which performs autonomous tasks without human oversight, also redefines enterprise IT demands. Experts believe traditional cloud tools cannot support such complex systems, prompting calls to rethink cloud strategies for more tailored, resilient platforms.


Women-only dating app Tea suffers catastrophic data leak

Tea, a women-only dating app, has suffered a massive data breach after its backend was found completely unsecured. Over 72,000 private images and more than 13,000 government-issued IDs were leaked online.

Some documents were dated as recently as 2025, contradicting the company’s claim that only ‘old data’ was affected. The data, totalling 59.3 GB, included verification selfies, DMs, and public posts. It spread rapidly through 4chan and decentralised platforms like BitTorrent.

Critics have blamed Tea’s use of ‘vibe coding’, AI-generated code with no proper review, which reportedly left its Firebase database open with no authentication.

Experts warn that relying on AI tools to build apps without security checks is becoming increasingly risky. Research shows nearly half of AI-generated code contains vulnerabilities, yet many startups still use it for core features. Tea users are now urged to monitor their identity and financial data.


Crypto hacks soar in 2025 as security gaps widen

According to Hacken’s latest research, the crypto sector has already recorded more than $3.1 billion in losses during the first half of 2025. That figure already exceeds 2024’s, mainly due to access control flaws, phishing, and AI-driven exploits.

Access control remains the most significant weakness, responsible for almost 60% of recorded losses. The most severe breach was the Bybit attack, where North Korean hackers exploited a wallet signer vulnerability to steal $1.46 billion.

Other incidents include UPCX’s $70 million loss, a manipulated price oracle exploit on KiloEx, and insider fraud involving the Roar staking contract.

Phishing and social engineering continue to evolve, accounting for nearly $600 million in stolen funds. One victim reportedly lost $330 million in Bitcoin, while fake Coinbase support calls drained over $100 million from user wallets.

Meanwhile, AI-related hacks have exploded in volume, increasing by more than 1,000% compared to last year. Most of these incidents stem from insecure APIs and flaws in large language model integrations.

Experts warn that smarter attackers and Web3’s fragmented security practices demand a stronger approach. Hacken advises combining blockchain standards with off-chain protections and better training to stay ahead of threats.


Big companies grapple with AI’s legal, security, and reputational threats

A recent Quartz investigation reveals that concerns over AI are increasingly overshadowing corporate enthusiasm, especially among Fortune 500 companies.

More than 69% now reference generative AI in their annual reports as a risk factor, while only about 30% highlight its benefits, a dramatic shift toward caution in corporate discourse.

These risks range from cybersecurity threats, such as AI-generated phishing, model poisoning, and adversarial attacks, to operational and reputational dangers stemming from opaque AI decision-making, including hallucinations and biassed outputs.

Privacy exposure, legal liability, task misalignment, and overpromising AI capabilities, so-called ‘AI washing’, compound corporate exposure, particularly for boards and senior leadership facing directors’ and officers’ liability risks.

Other structural risks include vendor lock-in, disproportionate market influence by dominant AI providers, and supply chain dependencies that constrain flexibility and resilience.

Notably, even cybersecurity experts warn of emerging threats from AI agents, autonomous systems capable of executing actions that complicate legal accountability and oversight.

Companies are advised to adopt comprehensive AI risk-management strategies to navigate this evolving landscape.

Essential elements include establishing formal governance frameworks, conducting bias and privacy audits, documenting risk assessments, ensuring human-in-the-loop oversight, revising vendor contracts, and embedding AI ethics into policy and training, particularly at the board level.


Microsoft hacking campaign expands into ransomware attacks

A state-aligned cyber-espionage campaign exploiting Microsoft server software vulnerabilities has escalated to ransomware deployment, according to a Microsoft blog post published late Wednesday.

The group, dubbed ‘Storm-2603’ by Microsoft, is now using the SharePoint vulnerability to spread ransomware that can lock down systems and demand digital payments. This shift suggests a move from espionage to broader disruption.

According to Eye Security, a cybersecurity firm from the Netherlands, the number of known victims has surged from 100 to over 400, and the true figure is likely much higher.

‘There are many more, because not all attack vectors have left artefacts that we could scan for,’ said Eye Security’s chief hacker, Vaisha Bernard.

One confirmed victim is the US National Institutes of Health, which isolated affected servers as a precaution. Reports also indicate that the Department of Homeland Security and several other agencies have been impacted.

The breach stems from an incomplete fix to Microsoft’s SharePoint software vulnerability. Both Microsoft and Google-owner Alphabet have linked the activity to Chinese hackers—a claim Beijing denies.
