Cybercrime

Hackers hijack NY Post X account to scam crypto users

Cybercriminals reportedly breached the New York Post’s X account. They targeted cryptocurrency enthusiasts by luring them into a Telegram-based scam, disguised as a podcast invitation.

The fraudulent message, impersonating journalist Paul Sperry, invited users to a supposed editorial feature, offering both in-person and virtual interview options.

Kerberus CEO Alex Katz flagged the issue, confirming the scam was being pushed from NYP’s verified X profile.

Cybersecurity expert ‘Drew’ noted the attackers blocked replies to prevent the real NYP team from spotting the breach. He warned users not to respond to Telegram messages, emphasising that the invite was fake.

Unlike typical crypto scams involving phishing links or wallet drainers, this attack focused on private messaging and trust manipulation.

Victims reported that the scammer used detailed, personal references and staged interviews. These interviews enabled audio-triggered suspicious pop-ups, including one labelled ‘WiFi.’

Security experts say such methods exploit user trust built through prior interactions. As social engineering tactics evolve, crypto users are urged to verify every identity, even those they communicate with regularly.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Cyberattacks against US soar in early 2025

Cyberattacks targeting the US surged dramatically in early 2025, according to a new report from cybersecurity firm Trellix. Between October 2024 and March 2025, advanced persistent threats (APTs) increased by 136% compared to the previous quarter.

China’s cyber operations showed significant sophistication, with groups such as APT40 and Mustang Panda leading the charge. APT41, another Chinese-affiliated group, intensified its activities by 113%, focusing on exploiting both new and known vulnerabilities rather than relying on phishing tactics.

Analysts noted that nearly half of these threats originated from China, while over a third were linked to Russia. Meanwhile, Russia’s APT29, also known as Midnight Blizzard, primarily targeted transportation, shipping, and telecommunications sectors.

The report highlighted that government institutions remained the primary focus of hostile cyber actors. However, the telecommunications industry experienced a sharp 92% increase in APT attacks, while the technology sector faced a staggering 119% rise.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Hackers target UK retailers with fake IT calls

British retailers are facing a new wave of cyberattacks as hackers impersonate IT help desk staff to infiltrate company systems. The National Cyber Security Centre (NCSC) has issued an urgent warning following breaches at major firms including Marks & Spencer, Co-op, and Harrods.

Attackers use sophisticated social engineering tactics—posing as locked-out employees or IT support staff—to trick individuals into giving up passwords and security details. The NCSC urges companies to strengthen how their IT help desks verify employee identities, particularly when handling password resets for senior staff.

Security experts in the UK recommend using multi-step verification methods and even code words to confirm identities over the phone. These additional layers are vital, as attackers increasingly exploit trust and human error rather than technical vulnerabilities.

While the NCSC hasn’t named any group officially, the style of attack closely resembles the methods of Scattered Spider, a loosely connected network of young, English-speaking hackers. Known for high-profile cyber incidents—including attacks on Las Vegas casinos and public transport systems—the group often coordinates via platforms like Discord and Telegram.

However, those claiming responsibility for the latest breaches deny links to Scattered Spider, calling themselves ‘DragonForce.’ Speaking to the BBC, the group claimed to have stolen significant customer and employee data from Co-op and hinted at more disruptions in the future.

The NCSC is investigating with law enforcement to determine whether DragonForce is a new player or simply a rebranded identity of the same well-known threat actors.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

How digital twins are being weaponised in crypto scams

Digital twins are virtual models of real-world objects, systems, or processes. They enable real-time simulations, monitoring, and predictions, helping industries like healthcare and manufacturing optimise resources. In the crypto world, cybercriminals have found a way to exploit this technology for fraudulent activities.

Scammers create synthetic identities by gathering personal data from various sources. These digital twins are used to impersonate influencers or executives, promoting fake investment schemes or stealing funds. The unregulated nature of crypto platforms makes it easier for criminals to exploit users.

Real-world scams are already happening. Deepfake CEO videos have tricked executives into transferring funds under false pretences. Counterfeit crypto platforms have also stolen sensitive information from users. These scams highlight the risks of AI-powered digital twins in the crypto space.

Blockchain offers solutions to combat these frauds. Decentralised identities (DID) and NFT identity markers can verify interactions. Blockchain’s immutable audit trails and smart contracts can help secure transactions and protect users from digital twin scams.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Trump signals new extension for TikTok divestment deadline

President Donald Trump indicated he would extend the deadline set for the Chinese-owned company ByteDance to sell TikTok’s US operations if negotiations remain unfinished by 19 June.

The popular short-video app, used by around 170 million Americans, played a significant role in Trump’s appeal to younger voters during his 2024 election campaign. Trump described TikTok positively, hinting at protective measures rather than outright prohibition.

Originally mandated by Congress, the TikTok ban was supposed to be enforced starting on 19 January. Trump, however, has twice extended this deadline amid ongoing negotiations.

A potential agreement to spin off TikTok’s US operations into a new, US-majority-owned firm was suspended after China objected, a reaction spurred by Trump’s substantial tariffs on Chinese goods.

Democratic senators have challenged Trump’s authority to postpone the deadline further, arguing that the proposed spin-off arrangement does not satisfy legal conditions outlined in the original legislation.

Insiders indicate negotiations continue behind the scenes, though a resolution remains dependent on settling broader trade conflicts between the US and China.

Trump remains firm about maintaining high tariffs on China, now at 145%, which he insists significantly impacts the Chinese economy.

Yet, he has left the door open to eventually lowering these tariffs within a more comprehensive trade agreement, acknowledging China’s strong desire to resume business with the U.S.

Despite multiple extensions, the fate of TikTok’s US operations remains uncertain, as political and economic factors continue shaping negotiations. Trump’s willingness to extend deadlines reflects broader geopolitical dynamics between Washington and Beijing, linking digital platform regulation closely with international trade policy.

New Zealand central bank warns of AI risks

The Reserve Bank of New Zealand has warned that the swift uptake of AI in the financial sector could pose a threat to financial stability.

A report released on Monday highlighted how errors in AI systems, data privacy breaches and potential market distortions might magnify existing vulnerabilities instead of simply streamlining operations.

The central bank also expressed concern over the increasing dependence on a handful of third-party AI providers, which could lead to market concentration instead of healthy competition.

A reliance like this, it said, could create new avenues for systemic risk and make the financial system more susceptible to cyber-attacks.

Despite the caution, the report acknowledged that AI is bringing tangible advantages, such as greater modelling accuracy, improved risk management and increased productivity. It also noted that AI could help strengthen cyber resilience rather than weaken it.

The analysis was published just ahead of the central bank’s twice-yearly Financial Stability Report, scheduled for release on Wednesday.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Cyber incident disrupts services at Marks & Spencer

Marks & Spencer has confirmed that a cyberattack has disrupted food availability in some stores and forced the temporary shutdown of online services. The company has not officially confirmed the nature of the breach, but cybersecurity experts suspect a ransomware attack.

The retailer paused clothing and home orders on its website and app after issues arose over the Easter weekend, affecting contactless payments and click-and-collect systems. M&S said it took some systems offline as a precautionary measure.

Reports have linked the incident to the hacking group Scattered Spider, although M&S has declined to comment further or provide a timeline for the resumption of online orders. The disruption has already led to minor product shortages and analysts anticipate a short-term hit to profits.

Still, M&S’s food division had been performing strongly, with grocery spending rising 14.4% year-on-year, according to Kantar. The retailer, which operates around 1,000 UK stores, earns about one-third of its non-food sales online. Shares dropped earlier in the week but closed Tuesday slightly up.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

France accuses Russia of cyberattacks on Olympic and election targets

France has publicly accused Russia’s military intelligence agency of launching cyberattacks against key French institutions, including the 2017 presidential campaign of Emmanuel Macron and organisations tied to the Paris 2024 Olympics.

The allegations were presented by Foreign Minister Jean-Noël Barrot at the UN Security Council, where he condemned the attacks as violations of international norms. French authorities linked the operations to APT28, a well-known Russian hacking group connected to the GRU.

The group also allegedly orchestrated the 2015 cyberattack on TV5 Monde and attempted to manipulate voters during the 2017 French election by leaking thousands of campaign documents. A rise in attacks has been noted ahead of major events like the Olympics and future elections.

France’s national cybersecurity agency recorded a 15% increase in Russia-linked attacks in 2024, targeting ministries, defence firms, and cultural venues. French officials warn the hacks aim to destabilise society and erode public trust.

France plans closer cooperation with Poland and pledged to counter Russia’s cyber operations with all available means.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

4chan returns after major cyberattack

After suffering what it called a ‘catastrophic’ cyberattack earlier this month, controversial image board 4chan has returned online, admitting its systems were breached through outdated software.

The attacker, reportedly using a UK-based IP address, gained entry by uploading a malicious PDF, allowing access to 4chan’s database and administrative dashboard. The intruder exfiltrated source code and sensitive data before vandalising the site, which led to its temporary shutdown on 14 April.

Although 4chan avoided directly naming the software vulnerability, it indirectly confirmed suspicions that a severely outdated backend—possibly an old version of PHP—was at fault. The site confessed that slow progress in updating its infrastructure resulted from a chronic lack of funds and technical support.

It blamed years of financial instability on advertisers, payment processors, and providers pulling away under external pressure, leaving it dependent on second-hand hardware and a stretched, largely volunteer development team.

Despite purchasing new servers in mid-2024, the transition was slow and incomplete, meaning key services still ran on legacy equipment when the breach occurred. Following the attack, 4chan replaced the compromised server and implemented necessary software updates.

PDF uploads have been suspended, and the Flash board permanently closed due to the difficulty in preventing similar exploits through .swf files.

Now relying on volunteer tech workers to support its recovery efforts, the site insists it won’t be shut down. ‘4chan is back,’ it declared, claiming no other site could replace its unique community, despite long-standing criticism over its content and lax moderation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FBI warns users not to click on suspicious messages

Cybersecurity experts are raising fresh alarms following an FBI warning that clicking on a single link could lead to disaster.

With cyberattacks becoming more sophisticated, hackers now need just 60 seconds to compromise a victim’s device after launching an attack.

Techniques range from impersonating trusted brands like Google to deploying advanced malware and using AI tools to scale attacks even further.

The FBI has revealed that internet crimes caused $16 billion in losses during 2024 alone, with more than 850,000 complaints recorded.

Criminals exploit emotional triggers like fear and urgency in phishing emails, often sent from what appear to be genuine business accounts. A single click could expose sensitive data, install malware automatically, or hand attackers access to personal accounts by stealing browser session cookies.

To make matters worse, many attacks now originate from smartphone farms targeting both Android and iPhone users. Given the evolving threat landscape, the FBI has urged everyone to be extremely cautious.

Their key advice is clear: do not click on anything received via unsolicited emails or text messages, no matter how legitimate it might appear.

Remaining vigilant, avoiding interaction with suspicious messages, and reporting any potential threats are critical steps in combating the growing tide of cybercrime.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!