The United Nations General Assembly has adopted a landmark treaty to combat cybercrime, marking the culmination of five years of negotiations. The UN Convention against Cybercrime is set to become the first global instrument for global efforts to combat cybercrime and enhance international cooperation and technical assistance.
The UN Office on Drugs and Crime (UNODC), which acted as secretariat throughout the negotiations, celebrated the treaty as a victory for global cooperation.
‘Adopting this landmark convention is a major victory for multilateralism, marking the first international anti-crime treaty in 20 years. It is a crucial step forward in our efforts to address crimes like online child sexual abuse, sophisticated online scams and money laundering,’ said UNODC Executive Director Ghada Waly.
The General Assembly adopted the resolution by consensus, underscoring widespread support. Negotiations included contributions from civil society, academia, and the private sector, ensuring the treaty reflects diverse perspectives. However, many non-state actors raisedconcerns about the latest draft.
The treaty will open for signature during a formal ceremony in Vietnam in 2025 and will enter into force 90 days after being ratified by at least 40 member states. In addition, UNODC will continue its role as the secretariat for the Ad Hoc Committee, which is tasked with drafting a supplementary protocol to the Convention and supporting the future Conference of States Parties.
For more details about the Convention and negotiations process, please follow the dedicated page.
A recent cybersecurity breach involving US healthcare platform ConnectOnCall has compromised sensitive information belonging to more than 910,000 patients. The telehealth service, owned by Phreesia, experienced unauthorised access between February and May 2024, exposing names, phone numbers, medical details, and in some cases, Social Security numbers. Phreesia promptly took action after discovering the breach, enlisting cybersecurity experts and notifying federal authorities.
ConnectOnCall facilitates after-hours communication for healthcare providers, making the data theft particularly alarming due to the permanent and sensitive nature of health records. Cybercriminals may use this information for identity theft, fraudulent insurance claims, and targeted phishing attacks. Phreesia has since taken the service offline, offering identity and credit monitoring to affected patients, while working to implement more robust security measures.
The breach highlights the growing threat posed by cyberattacks on US healthcare platforms, where data is not only invaluable but also irreplaceable. Experts urge vigilance, such as monitoring accounts, using strong passwords, and employing identity theft protection. With incidents like this on the rise, calls are growing for stricter regulations to safeguard patient information and prevent similar breaches in the future.
A crafty new scam is ensnaring would-be crypto thieves by baiting them with fake wallet seed phrases. Cybersecurity experts at Kaspersky have revealed how scammers post these phrases in YouTube comments, claiming the wallets hold significant funds. The wallets, however, are traps designed to exploit anyone attempting to steal the assets.
One wallet discovered by Kaspersky analyst Mikhail Sytnik reportedly held $8,000 in USDT on the Tron network. A thief must send Tron (TRX) tokens to move the funds to cover transaction fees. Unbeknownst to them, the wallet is a multi-signature account, meaning the TRX sent for fees is instantly redirected to another wallet controlled by the scammers.
Sytnik described the scammers as “digital Robin Hoods” for targeting other opportunists. He advised people never to try accessing others’ wallets, even if given a seed phrase, and to remain cautious of strangers’ claims about cryptocurrency online.
This isn’t the first time fraudsters have exploited greed in the crypto space. In July, Kaspersky exposed a similar scam on Telegram, where users were tricked into downloading malware disguised as legitimate crypto tools, potentially compromising their devices and funds.
The United States has charged Rostislav Panev, a Russian-Israeli dual citizen, for his alleged role as a developer for the Lockbit ransomware group, which authorities describe as one of the world’s most destructive cybercrime operations. Panev, arrested in Israel in August, awaits extradition.
Lockbit, active since 2019, targeted over 2,500 victims across 120 countries, including critical infrastructure and businesses, extorting $500 million. Recent arrests, guilty pleas, and international law enforcement efforts have significantly disrupted the group’s activities.
Experts say law enforcement actions have tarnished Lockbit’s reputation, reducing its attacks and deterring affiliates. Authorities emphasise the importance of holding cybercriminals accountable.
A US judge has ruled against Israel’s NSO Group in a lawsuit brought by WhatsApp, finding the spyware firm liable for hacking and breach of contract. The case, heard in Oakland, California, revolves around allegations that NSO exploited a vulnerability in WhatsApp to install Pegasus spyware, enabling unauthorised surveillance of 1,400 individuals. The court decision moves the case forward to determine damages.
Will Cathcart, head of WhatsApp, described the ruling as a triumph for privacy, emphasising the need for accountability in the spyware industry. WhatsApp expressed gratitude for support from various organisations and pledged continued efforts to safeguard private communications. Cybersecurity experts, including Citizen Lab’s John Scott-Railton, hailed the judgment as a pivotal moment for holding spyware companies accountable.
NSO argued that its Pegasus software serves to combat serious crime and threats to national security. However, the courts previously rejected claims of immunity, noting the company’s activities fell outside the protection of federal law. Appeals by NSO to higher courts, including the US Supreme Court, failed, paving the way for the trial to proceed.
The judgment signals a significant shift in how the spyware industry may be regulated, with implications for firms previously claiming they were not responsible for the misuse of their technology. Experts see it as a warning to surveillance companies that illegal actions will not go unchallenged.
Cryptocurrency theft reached $2.2bn (£1.76bn) in 2024, with North Korean hackers reportedly responsible for $1.3bn, according to a Chainalysis report. The total marks a 21% increase from 2023, though it remains lower than peak years.
The study highlights that hackers often target private keys used to access crypto platforms, causing severe losses for centralised exchanges. Significant breaches included a $300m theft from Japan‘s DMM Bitcoin and a $235m loss from India-based WazirX. Many attacks were linked to citizens of North Korea posing as remote IT workers.
The United States government has accused Pyongyang of using stolen funds to evade sanctions and finance weapons programmes. Recently, 14 North Koreans were indicted in a federal court for alleged extortion schemes, while the State Department announced a $5m reward for information on these activities.
During a freelancer meetup at Café Oz in Paris on 3 December, Scott Horlacher, a software engineer, found himself caught in a crypto scam. While discussing with two individuals who claimed to represent a new crypto exchange called Lainchain, Horlacher grew suspicious. The platform’s design and its request for users to input wallet seed phrases instead of standard security measures made Horlacher realise he was dealing with a scam.
After confronting the duo, they swiftly left the event. Horlacher, along with others, began to warn fellow attendees. A subsequent investigation by AMLBot, a blockchain forensics firm, revealed that Lainchain was a sophisticated phishing scam designed to steal personal and wallet information from users. The scam relied on fake identities and social engineering tactics to deceive victims.
Lainchain’s website appeared professional but was full of red flags, including the manipulation of wallet access and demands for seed phrases. The platform’s hosts were found to be connected to other fraudulent websites, and investigations showed their use of stolen identities to create false legitimacy. The scammers also exploited Telegram and other social media platforms to lure victims.
This case serves as a reminder of the growing threat of phishing scams in the crypto space. Users are urged to be cautious of any platform requesting private keys or seed phrases and to verify the legitimacy of any crypto-related website or service before engaging with it.
Ukraine‘s Deputy Prime Minister Olha Stefanishyna announced that Russia launched a large-scale cyberattack on Thursday, temporarily crippling the country’s state registries. These registries contain essential citizen data, including information on births, deaths, marriages, and property ownership. The attack forced a suspension of services managed by the Ministry of Justice.
Stefanishyna described the incident as a deliberate attempt by Russia to disrupt Ukraine’s critical infrastructure. While restoration efforts are expected to take about two weeks, some services will resume on Friday. Other state functions appear to be unaffected.
This is the latest in a series of cyberattacks during the ongoing war, including a December 2023 assault on Ukrainian telecom provider Kyivstar and previous attacks on Russian ministries. Ukrainian authorities plan to conduct a thorough investigation to bolster defences against future cyber threats.
A former vice president of finance at Delphi Digital has been sentenced to four years in jail after admitting to embezzling nearly $4.5 million from the cryptocurrency research company. Dylan Meissner will also serve two years of supervised release and must repay more than $4.6 million, including funds he stole and an unpaid loan.
The Connecticut District Court found that Meissner, who managed Delphi’s finances between October 2021 and November 2022, accessed the company’s crypto wallets and bank accounts to steal millions. He also fabricated financial records to cover up the theft. In one instance, he took a 50 Ether loan worth $170,000 but failed to repay it, marking the start of his fraudulent activities.
Prosecutors argued that Meissner’s actions were part of a calculated scheme, not a reckless act of desperation. Though his defence cited substance abuse and efforts to atone for his actions, the court noted the sustained nature of his crimes. Meissner pleaded guilty to wire fraud as part of a deal and will report to jail in February 2025.
A panel discussion at the Internet Governance Forum (IGF) raised serious concerns over the UN Cybercrime Treaty and its potential to undermine human rights. Experts from organisations such as Human Rights Watch and the Electronic Frontier Foundation criticised the treaty’s broad scope and lack of clear safeguards for individual freedoms. They warned that the treaty’s vague language, particularly around what constitutes a ‘serious crime,’ could empower authoritarian regimes to exploit its provisions for surveillance and repress dissent.
Speakers such as Joey Shea from Human Rights Watch and Lina al-Hathloul, a Saudi human rights defender, pointed out the risks posed by the treaty’s expansive investigative powers, which extend beyond cybercrimes to any crimes defined by domestic law. Flexibility like this one could force countries to assist in prosecuting acts that are not crimes within their own borders. They also highlighted the treaty’s weak privacy protections, which could jeopardise encryption standards and further harm cybersecurity researchers.
Deborah Brown from Human Rights Watch and Veridiana Alimonti of the Electronic Frontier Foundation shared examples from Saudi Arabia and Latin America, where existing cybercrime and anti-terrorism laws have already been used to target journalists and activists. The panelists expressed concern that the treaty could exacerbate these abuses globally, especially for cybersecurity professionals and civil society.
Fionnuala Ni Aolain, a former UN Special Rapporteur on counterterrorism and human rights, emphasised that the treaty’s provisions could lead to criminalising the vital work of cybersecurity researchers. She joined other experts in urging policymakers and industry leaders to resist ratification in its current form. They called for upcoming protocol negotiations to address these human rights gaps and for greater involvement of civil society voices to prevent the treaty from becoming a tool for transnational repression.
