US agencies have briefed senators on ‘Salt Typhoon,’ a Chinese cyber-espionage campaign allegedly targeting American telecommunications networks. Officials claim the hackers stole call metadata and other sensitive information, affecting at least eight US telecom firms and dozens of companies worldwide. The breaches have sparked bipartisan concern, with some senators pressing for stronger preventive measures and legislation.
Telecom giants like Verizon, AT&T, and T-Mobile acknowledged the incidents but downplayed the impact on customer data. Federal agencies, including the FBI and Cybersecurity and Infrastructure Security Agency, emphasised the challenge of fully removing hackers from networks, while incoming FCC Chair Brendan Carr pledged to strengthen cybersecurity defences.
China has denied the allegations, calling them disinformation. Meanwhile, a Senate subcommittee hearing on December 11 will focus on the risks posed by such cyber threats and explore ways to protect US communications infrastructure.
A senior United States cybersecurity official has urged Americans to embrace encryption to safeguard their communications, citing ongoing efforts to expel alleged Chinese hackers from US telecom networks. Jeff Greene, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasised the importance of avoiding plaintext communications and recommending encrypted apps like Signal and WhatsApp.
US authorities have accused hackers from China of infiltrating telecommunications companies, such as T-Mobile, to access sensitive data, including call records and intercepted audio, predominantly from Washington, DC. Beijing has denied the allegations, calling them disinformation. Greene acknowledged that removing the hackers entirely from the networks could take an unpredictable amount of time, further underscoring the need for encryption to ensure secure communications.
The advice marks a notable shift from previous US government positions that questioned strong encryption’s impact on public safety. As concerns over foreign cyber intrusions grow, Greene’s remarks highlight encryption as a critical tool for Americans facing prolonged cybersecurity threats.
The founder of Hydra, a notorious darknet marketplace and crypto mixing service has been sentenced to life in prison by a Russian court. Stanislav Moiseev and 15 accomplices were convicted of running a criminal network that handled over $5 billion in cryptocurrency transactions, while also producing and selling illegal drugs and psychotropic substances. Moiseev was also fined $38,100, with additional fines imposed on his accomplices.
Hydra, which was dismantled in 2022 by German authorities, accounted for 80% of all darknet-related cryptocurrency transactions at its peak. It sold stolen credit card data, counterfeit currencies, and fake identity documents. Despite its shutdown, Hydra’s criminal operations left a significant mark, with its user base reportedly including 17 million customers and 19,000 vendors.
The sentences include prison terms ranging from eight to 23 years for Moiseev’s accomplices, alongside the seizure of properties, vehicles, and nearly a ton of drugs. Russian officials have been investigating Hydra since 2016, but the convictions are subject to appeal.
Safe, the multsignature wallet and digital assets platform, has announced plans to launch a blockchain transaction processor network in 2025. Named Safenet, the network aims to provide instant cross-chain payments, eliminating the delays often experienced during blockchain transactions. Inspired by VisaNet, the network will act as a connecting layer for existing blockchains, allowing users to interact with multiple networks through a single account.
Safenet, which will be powered by processors, is designed to offer a seamless experience similar to traditional payment networks, where transactions are processed instantly. The system will also integrate fraud checks, compliance measures, and security protocols to ensure safe transactions. Initially, Safenet will support cross-chain accounts and liquidity functions, with plans to expand its services in the future.
The open system of Safenet allows more processors to join, offering additional services like security, compliance, and automation. Validators will earn rewards by validating transactions and staking in the ecosystem. Schor also mentioned that the platform could offer users the ability to access assets with partial collateral, similar to how traditional banks manage mortgages.
The Safenet network is expected to go live in 2025, with an alpha version set for the first quarter. A validator network is planned for the second quarter, and the full protocol will be launched later in the year, bringing new opportunities to the crypto space.
The SEC has settled allegations against ICBC Financial Services, a US-based unit of the Industrial and Commercial Bank of China, following a ransomware attack in November 2023.
The attack disrupted the company’s operations, including its ability to maintain accurate records and notify customers of securities-related transactions for nearly four months.
Regulators cited the firm’s lack of preparation for a significant cybersecurity incident as a factor leading to the breach. Despite this, the SEC refrained from imposing a civil fine, crediting the company’s meaningful cooperation and extensive remedial efforts in addressing the situation.
ICBC Financial Services neither admitted nor denied any wrongdoing in the settlement. The agreement highlights the SEC’s focus on ensuring firms take proactive steps to strengthen their cybersecurity defences.
Hostile cyber activity targeting the UK has surged, with incidents increasing by 16% in 2024 compared to the previous year. The National Cyber Security Centre (NCSC) reported handling 430 incidents, up from 371 in 2023. Of these, 347 involved data exfiltration, while 20 were linked to ransomware, underscoring the growing risks.
Richard Horne from the NCSC revealed that adversaries are exploiting society’s reliance on technology to maximise disruption. The centre issued 542 notifications to affected organisations, more than doubling the number of alerts from the previous year. Critical infrastructure sectors such as energy, transport, and health remain particularly vulnerable to ransomware attacks.
The annual review from the NCSC emphasised the evolving nature of threats, warning of the potential for AI to enhance cyberattack complexity. Officials also noted that the risks posed by state actors and cybercriminals remain underestimated. Horne urged against complacency, highlighting the severity of both immediate and long-term dangers.
Efforts to counter these threats are intensifying, but experts stress the importance of strengthening defences and maintaining vigilance as the cyber landscape becomes increasingly hostile.
Indian police are investigating how a Starlink satellite internet device was used in a massive drug smuggling operation. Officers in the Andaman and Nicobar Islands seized over 6,000 kilograms of methamphetamine, worth an estimated $4.25 billion, from a Myanmar vessel last week. Six Myanmar nationals were detained in what has become the largest drug bust in the region’s history.
Authorities revealed the smugglers relied on a Starlink device to navigate the deep seas and evade detection. Starlink, which provides internet coverage in international waters, has yet to formally launch in India, pending government approvals. Investigators aim to trace the device’s purchase and usage history to uncover potential links to smuggling networks.
The Starlink Mini, a portable satellite kit described as compact enough to fit in a backpack, was reportedly used during the entire journey from Myanmar. Police suspect the device bypassed traditional communication methods by creating a Wi-Fi hotspot, complicating surveillance efforts. Starlink has not commented on the incident.
Meth trafficking via maritime routes has surged across Asia, with record seizures reported in 2023. Police in India are now probing connections to both local and international criminal syndicates in this case.
Two things often come to mind when we hear the word ‘crypto’: freedom and crime. Cryptocurrencies for sure have revolutionised the financial world, offering speed, transparency, and accessibility not seen before. Yet, their promise of financial liberation comes with unintended consequences. The decentralised, pseudonymous nature of crypto makes it a double-edged sword—for some it represents freedom and for others a tool for crime.
In 2023, illicit transactions involving cryptocurrencies reached USD 24.2 billion, according to TRM Labs, with scams and fraud accounting for nearly a third of the total.
These numbers reveal a sobering truth: while crypto has opened doors to innovation, it has also become an enabler for global crime networks, from drug and human trafficking to large-scale ransomware operations. Criminals exploit this space to mask their identities, making crypto the go-to medium for those operating in the shadows.
What are the common types of crypto fraud?
Crypto fraud takes many forms, each designed to exploit vulnerabilities and prey on the unsuspecting. The most known ones are:
Ponzi and pyramid schemes– Fraudsters lure victims with promises of guaranteed high returns. These schemes use investments from new participants to pay earlier ones, creating an unsustainable cycle. When the influx of new investors dwindles, the scheme collapses, leaving most participants with nothing. In 2023, these scams contributed significantly to the USD 24.2 billion received by illicit crypto addresses, showcasing their pervasive nature.
Phishing attacks– Fake websites, emails, and messages designed to mimic legitimate services trick victims into revealing sensitive information like wallet keys. A single successful phishing attack can drain entire crypto wallets, with victims often having no recourse. The shift to stablecoins, noted for their volume in scams, has intensified the use of such tactics.
Initial Coin Offering (ICO) scams– The ICO boom has introduced countless opportunities—and risks. Fraudulent projects draw in investors with flashy whitepapers and grand promises, only to vanish with millions. For instance, ICO scams contributed to a notable chunk of crypto crimes in previous years, as highlighted by TRM Labs.
Rug pulls– Developers create hyped tokens, inflate their value, and abruptly withdraw liquidity, leaving investors holding worthless assets. In 2023, such schemes became increasingly sophisticated, targeting decentralised exchanges to exploit inexperienced investors.
Cryptojacking– Hackers infect computers or networks with malware to mine cryptocurrency without the owner’s knowledge. This hidden crime drains energy and resources, often leaving victims to discover their losses long after the attack.
Fake exchanges and wallets– Fraudulent platforms mimic legitimate services, enticing users to deposit funds, only for them to disappear. These scams exploit the trust gap among new investors, further driving crypto-related crime statistics.
The connection between crypto fraud and money laundering
Crypto fraud and money laundering are two sides of the same coin. Stolen funds need to be legitimised, and criminals have devised a range of techniques to obscure their origins. One of the most common methods involves crypto mixers and tumblers. These services blend cryptocurrencies from various sources, making it nearly impossible to trace individual transactions.
The process often works as follows:
Initial theft: Stolen funds are moved from wallets linked to scams or hacks.
Mixing: These funds are transferred to a mixing service, where they are broken into smaller amounts and shuffled with others.
Redistribution: The mixed funds are sent to new, seemingly unrelated wallets.
Conversion: The laundered crypto is then converted to stablecoins or fiat currency, often through decentralised exchanges or peer-to-peer transactions, masking its origins.
This method has made crypto a preferred tool for laundering money linked to drug cartels and even human trafficking networks. The convenience and pseudonymity of crypto ensure its growing role in these illicit industries.
How big crypto crime really is?
The numbers are staggering. Last year (2023), illicit addresses received USD 24.2 billion in funds. While scamming and hacking revenues declined (29.2% and 54.3%, respectively), ransomware attacks and darknet market activity saw significant growth. Sanctions-related transactions alone accounted for USD 14.9 billion, driven by entities operating in restricted jurisdictions.
Bitcoin and Monero remain the most-used cryptocurrency for darknet sales and ransomware.
Cryptocurrencies have become the currency of choice for underground networks and darknet markets facilitate the sale of illicit goods. Human trafficking networks use crypto for cross-border payments, exploiting its decentralised nature to evade detection.
According to the Chainalysis report, the prevalence of crypto in these crimes highlights the urgent need for better monitoring and regulation.
Stablecoins like USDT are gaining traction- criminals prefer stablecoins for their reliability as they mimic traditional fiat currencies, enabling transactions in environments where access to traditional banking is limited.
How to fight crypto crime?
Solving the issue of crypto crime requires a multi-faceted approach:
Regulatory innovation: Governments must create adaptable frameworks to address the evolving crypto landscape while encouraging legitimate use.
Public awareness: Educating users about common scams and best practices can reduce vulnerabilities at the grassroots level.
Global cooperation: International collaboration is essential as cryptocurrencies knows no borders. Only by sharing data and strategies can nations effectively combat cross-border crypto crime.
The thing is cryptocurrency is a young and rapidly evolving space. While some countries have enacted comprehensive legislation, others lag behind. However, the pace of innovation makes it nearly impossible to create foolproof regulations. Every new development introduces potential loopholes, requiring legislators to remain agile and informed.
The power of crypto: innovation or exploitation?
Cryptocurrencies hold immense power, offering unparalleled financial empowerment and innovation. As it usually happens, with great power comes great responsibility. Freedom must be balanced with accountability to ensure it serves civilisation for the greater good. Shockingly, stolen crypto assets are currently circulating undetected within global financial systems, intertwining with legitimate transactions. The question is: can the industry mitigate risks without compromising its core principles of decentralisation and transparency by addressing vulnerabilities and implementing robust safeguards? The true potential of crypto lies in its ability to reshape economies, empower the unbanked, and foster global financial inclusion. Yet, this power can also be exploited if left unchecked, becoming a tool for crime in the wrong hands. The future of crypto depends on ensuring it remains a beacon of innovation and empowerment, harnessed responsibly to create a safer, more equitable financial ecosystem for all.
The UK faces an escalating cyber threat from hostile states and criminal gangs, according to Richard Horne, head of the National Cyber Security Centre (NCSC). In his first major speech, Horne warned that the severity of these risks is being underestimated, citing a significant rise in cyber incidents, particularly from Russia and China. He described Russia’s cyber activity as ‘aggressive and reckless’ while noting that China’s operations are highly sophisticated with growing global ambitions.
Over the past year, the NCSC responded to 430 cyber incidents, a marked increase from the previous year. Among them, 12 were deemed especially severe, a threefold rise from 2023. The agency highlighted the growing threats to critical infrastructure and supply chains, urging both public and private sectors to strengthen their cyber defences. The UK also faces a growing number of ransomware attacks, often originating from Russia, which target key organisations like the British Library and healthcare services.
Horne emphasised the human costs of cyber-attacks, citing how these incidents disrupt vital services like healthcare and education. The rise in ransomware, often linked to Russian criminal gangs, is a major concern, and the NCSC is working to address these challenges. The agency’s review also pointed to increasing cyber activity from China, Iran, and North Korea, with these states targeting the UK’s infrastructure and private sector.
Experts like Professor Alan Woodward of Surrey University echoed Horne’s concerns, urging the UK to step up its cybersecurity efforts to keep pace with evolving threats. With adversaries growing more sophisticated, the government and businesses must act swiftly to protect the country’s digital infrastructure.
A coordinated global effort involving law enforcement from 40 countries has resulted in over 5,500 arrests and the seizure of more than $400 million in virtual and fiat currencies during Operation HAECHI V (July–November 2024).
The operation, led by INTERPOL and financially supported by South Korea, targeted seven major types of cyber-enabled fraud, including voice phishing, romance scams, investment fraud, and business email compromise schemes.
In one significant success, Korean and Chinese authorities dismantled a voice phishing network that defrauded over 1,900 victims of 1,511 billion KRW ($1.1 billion). The syndicate, which impersonated law enforcement and used fake IDs, saw 27 members arrested, with 19 facing formal charges.
INTERPOL issued a Purple Notice during the operation to warn member countries of a new cryptocurrency scam targeting stablecoin users. Known as the USDT Token Approval Scam, fraudsters lured victims with romance-based schemes, directing them to buy Tether stablecoins through legitimate platforms. Victims were then tricked into granting scammers full access to their cryptocurrency wallets through phishing links, allowing unauthorized fund transfers.
Operation HAECHI V also achieved record-breaking results, solving 8,309 cases—nearly double those from the previous year—and blocking 1,023 virtual asset service provider (VASP) accounts, a threefold increase from 2023.
HAECHI V participating countries, territories and regions: Albania, Argentina, Australia, Brunei, Cambodia, Canada, Cayman Islands (UK), China, France, Ghana, Hong Kong (China), India, Indonesia, Ireland, Japan, Korea, Kyrgyzstan, Laos, Liechtenstein, Macao (China), Malaysia, Maldives, Mauritius, Nigeria, Pakistan, Philippines, Poland, Portugal, Romania, Seychelles, Singapore, Slovenia, Spain, Sweden, Thailand, Timor Leste, United Arab Emirates, United Kingdom, United States, Viet Nam.
