Cybercrime

Singapore minister warns against crypto investments amid rising fraud

Singapore’s Minister of State for Home Affairs, Sun Xueling, has issued a strong warning about the risks of investing in cryptocurrency, citing an alarming rise in fraud cases.

During a parliamentary debate on 4 March, she explained that the anonymous nature of digital assets makes them easy targets for criminals, contributing to a sharp increase in financial losses. Fraud linked to cryptocurrency scams now accounts for a quarter of the $1.1 billion in fraud cases reported in the country.

Scammers increasingly use digital assets to evade traditional banking security checks, often instructing victims to convert their money into cryptocurrency.

Hacking, phishing, and fraudulent investment schemes have become more common, with one of the largest scams last year resulting in a loss of $125 million. Sun urged the public to avoid cryptocurrencies, stressing the high risk and slim chances of recovering stolen funds.

Despite the rise in scams, Singapore’s regulatory landscape continues to evolve. The Monetary Authority of Singapore oversees local cryptocurrency operations under the Payment Services Act, but many foreign exchanges remain outside its jurisdiction.

To combat rising fraud, the country recently passed the Anti-Fraud Protection Bill, which allows authorities to block transactions from suspected victims who ignore warnings.

As Singapore balances crypto adoption and consumer protection, businesses are increasingly embracing digital payments, particularly stablecoins. The entry of major players, such as Robinhood, into Singapore’s crypto market is set to boost the adoption of blockchain-based transactions.

For more information on these topics, visit diplomacy.edu

US hits Chinese hackers with indictments and sanctions over cyber espionage

The United States has indicted ten individuals, including employees of the Chinese tech company i-Soon, for their involvement in a years-long cyber espionage campaign that targeted various US government agencies and organisations worldwide.

The campaign allegedly stole sensitive data from entities such as the US Defense Intelligence Agency, the Department of Commerce, and foreign ministry of Taiwan. The hackers, associated with i-Soon, were reportedly hired by Chinese intelligence agencies to breach email systems for substantial payments.

Along with the indictments, the US Treasury Department has imposed sanctions on Shanghai-based Heiying Information Technology and its founder, Zhou Shuai, accusing them of selling stolen data and providing access to compromised networks.

The data reportedly included information from US critical infrastructure networks. Some of this stolen data was later acquired by a previously sanctioned Chinese hacker, Yin Kecheng.

The Chinese embassy in Washington responded by condemning the sanctions and stating that it would take necessary actions to protect Chinese companies and citizens.

The US government’s aggressive stance is part of an ongoing effort to curb Chinese cyber espionage activities and defend its digital infrastructure.

For more information on these topics, visit diplomacy.edu.

CoinDCX to manage seized crypto assets for India’s enforcement directorate

India’s Enforcement Directorate (ED) has chosen CoinDCX to manage and store seized digital assets as part of a crackdown on cryptocurrency-related financial crimes.

The partnership follows high-profile fraud cases like GainBitcoin and BitConnect, which have raised concerns over investor protection. CoinDCX will offer secure custody services to safeguard these assets, implementing advanced security protocols to ensure their integrity.

In a recent case, the ED seized digital assets worth approximately $198 million linked to the BitConnect scam, which defrauded investors worldwide.

Earlier, the Central Bureau of Investigation (CBI) had seized $2.88 million in the GainBitcoin scam, uncovering evidence of financial misappropriation and cross-border transactions. These actions highlight the increasing efforts by authorities to tackle large-scale cryptocurrency fraud.

As cryptocurrency adoption rises in India, regulatory bodies are focusing on stronger enforcement to protect investors from fraudulent schemes.

The collaboration with CoinDCX is part of a broader strategy to ensure transparency in the handling of seized funds and to maintain the integrity of ongoing investigations.

For more information on these topics, visit diplomacy.edu

UK regulator sets deadline for assessing online content risks

Britain’s media regulator, Ofcom, has set a 31 March deadline for social media and online platforms to submit a risk assessment on the likelihood of users encountering illegal content. This move follows new laws passed last year requiring companies such as Meta’s Facebook and Instagram, as well as ByteDance’s TikTok, to take action against criminal activities on their platforms. Under the Online Safety Act, these firms must assess and address the risks of offences like terrorism, hate crimes, child sexual exploitation, and financial fraud.

The risk assessment must evaluate how likely it is for users to come across illegal content, or how user-to-user services could facilitate criminal activities. Ofcom has warned that failure to meet the deadline could result in enforcement actions against the companies. The new regulations aim to make online platforms safer and hold them accountable for the content shared on their sites.

The deadline is part of the UK‘s broader push to regulate online content and enhance user safety. Social media giants are now facing stricter scrutiny to ensure they are addressing potential risks associated with their platforms and protecting users from harmful content.

For more information on these topics, visit diplomacy.edu.

US reassessment of Russian cyber threat signals strategic shift in cyber geopolitics

The Guardian reports on the shift in the USA digital diplomacy with a major impact on global cyber geopolitics. After rumours of dropping Russia as a cyber threat, the first public signal on this shift was the USA’s statement at the UN working group meeting on cybersecurity when Liesyl Franz, a US representative, did not indicate Russia as a cyber threat alongside China and Iran. It is a significant shift in the USA digital diplomacy and cyber geopolitics.

The US representative also omitted usual USA references to allies and partners in cyber politics. The Guardian reports on various concerns of this shift, including a view of James Lewis, USA cybersecurity veteran: ‘It’s incomprehensible to give a speech about threats in cyberspace and not mention Russia, and it’s delusional to think this will turn Russia and the FSB [the Russian security agency] into our friends.’

This repositioning aligns with ongoing efforts to improve US-Russia relations, contrasting starkly with European allies’ views on the threat posed by Russia. It remains to be seen if this shift relates only to cybersecurity or it the US will revisit other aspects related to AI and digital governance.

For more information on these topics, visit diplomacy.edu.

Democrats call for clarification on cyber pause against Russia

Democratic lawmakers are calling for an explanation from the Pentagon after reports surfaced about an order to pause offensive cyber operations against Russia during sensitive negotiations aimed at ending the war in Ukraine.

The decision to halt such operations, which disrupt rival computer networks, is not unusual in the context of diplomatic efforts but has raised concerns among lawmakers. The order was first reported by The Record and later confirmed by two anonymous sources familiar with the matter.

Senate Minority Leader Chuck Schumer criticised the move, calling it a ‘critical strategic mistake’ and arguing that ‘the best defence is always a strong offence’, especially in cybersecurity.

Representative Adam Smith, the top Democrat on the House Armed Services Committee, also demanded that the Pentagon provide Congress with details regarding the scope of the pause and its potential impact on US allies. He further questioned whether a risk assessment was made before the decision.

The Pentagon declined to comment on the matter, citing operational security concerns. The pause in cyber operations comes amid rising tensions surrounding President Donald Trump’s recent dealings with Russia, including a public clash with Ukrainian President Volodymyr Zelenskiy.

Trump has shifted US policy by engaging in talks with Moscow and openly criticising Zelenskiy, suggesting that America could pull its support for Ukraine if the war does not end soon.

For more information on these topics, visit diplomacy.edu.

US pauses cyber operations against Russia

US Defense Secretary Pete Hegseth has ordered a pause on all cyber operations against Russia, including offensive actions, as part of a broader reassessment of US operations related to Russia. The duration and specifics of the pause remain unclear, according to multiple US media reports. The Pentagon declined to comment on the matter, citing operational security concerns.

This move comes amid US President Donald Trump’s push for negotiations to end the war in Ukraine, as well as his recent criticism of Ukrainian President Volodymyr Zelensky. Trump has positioned himself as a mediator between Russian President Vladimir Putin and Zelensky, calling for less focus on Putin.

Despite media reports suggesting a shift in cyber strategy, US National Security Adviser Mike Waltz denied any policy change regarding cyber operations against Russia. He emphasised that efforts to end the war would continue with a range of diplomatic and strategic tools.

For more information on these topics, visit diplomacy.edu.

Stolen Bybit funds laundered at alarming speed

The hacker behind the $1.4 billion Bybit exploit has already laundered more than half of the stolen Ethereum, primarily swapping it for Bitcoin via THORChain. Blockchain analysts report that over $614 million has been moved in just five days, pushing THORChain’s daily transaction volumes from an average of $80 million to an astonishing $580 million. On 26 February alone, swaps reached a record $859 million.

The US Federal Bureau of Investigation has officially linked the attack to North Korean state-sponsored hackers, identifying it as part of a wider cybercrime operation. Security experts confirmed that Bybit’s core infrastructure remained intact, with the breach traced back to a compromised developer machine that injected malicious code into the Gnosis Safe UI. While the attack targeted Bybit’s cold wallet, the platform’s smart contracts were not affected.

In response, Bybit has launched a dedicated website to track the movement of stolen funds and is offering a bounty to exchanges that assist in their recovery. The incident underscores a growing trend where hackers are shifting focus from exchanges themselves to the infrastructure providers that support them.

For more information on these topics, visit diplomacy.edu

Europol busts criminal group distributing AI-generated child abuse content

Europol announced on Friday that two dozen people have been arrested for their involvement in a criminal network distributing AI-generated images of child sexual abuse. This operation marks one of the first of its kind, highlighting concerns over the use of AI in creating illegal content. Europol noted that there is currently a lack of national legislation addressing AI-generated child abuse material.

The primary suspect, a Danish national, operated an online platform where he distributed the AI-generated content he created. Users from around the world paid a ‘symbolic online payment’ to access the material. The platform has raised significant concerns about the potential misuse of AI tools for such criminal purposes.

The ongoing operation, which involves authorities from 19 countries, resulted in 25 arrests, with most occurring simultaneously on Wednesday under the leadership of Danish authorities. Europol indicated that more arrests are expected in the coming weeks as the investigation continues.

For more information on these topics, visit diplomacy.edu.

FBI says North Korea behind $1.5bn crypto heist

North Korean hackers have recorded the largest cryptocurrency theft, stealing approximately $1.5bn from the Dubai-based exchange ByBit. According to the FBI, the stolen funds have already been converted into Bitcoin and spread across thousands of blockchain addresses. The attack highlights North Korea’s growing expertise in cybercrime, with proceeds believed to be funding its nuclear weapons programme.

The notorious Lazarus Group, linked to the regime, has been responsible for several high-profile hacks, including the theft of over $1.3bn in cryptocurrency last year. Experts say the group employs advanced malware and social engineering tactics to breach exchanges and launder stolen assets into fiat currency. These funds are critical for bypassing international sanctions and financing North Korea’s military ambitions.

Beyond cybercrime, Pyongyang has deepened its ties with Russia, allegedly supplying troops and weapons in exchange for financial backing and technological expertise. Meanwhile, the regime has recently reopened its borders to a limited number of international tourists, aiming to generate much-needed foreign income. As global scrutiny intensifies, concerns are growing over North Korea’s increasing reliance on illicit activities to prop up its economy and expand its military power.

For more information on these topics, visit diplomacy.edu