Cybercrime Archives | Page 83 of 102 | Digital Watch Observatory

Top diplomat warns of serious fallout if US fails to back UN cybercrime treaty

A senior US diplomat has warned of significant consequences if the United States does not support a newly adopted draft for the UN cybercrime treaty, which would establish the first global cybersecurity legal framework agreed upon by all UN member states. Despite unanimous approval from the UN’s Ad Hoc Committee on Cybercrime in August, concerns have been raised by human rights groups and the tech industry about the treaty’s potential to enable mass surveillance and violate individual privacy.

Lead US negotiator Ambassador Deborah McCarthy emphasised the risks of the US backing out after leading the treaty’s development, warning of a potential divide at the UN if the US withdraws. She also highlighted the treaty’s role in fostering global cooperation on cybercrime investigations and information-sharing, while acknowledging legitimate concerns from various sectors.

Critics, however, argue that the treaty’s provisions on serious crimes—those carrying sentences of four years or more—could empower authoritarian regimes to abuse surveillance powers and violate human rights. Human Rights Watch’s Deborah Brown expressed concern that the treaty lacks robust safeguards and could be used to suppress protected activities like protests and investigative journalism.

While McCarthy stressed that the treaty could spotlight misuse and encourage global cooperation, US Senate ratification remains uncertain. With privacy advocates like Sen. Ron Wyden opposing the treaty, calling it a potential tool for authoritarian regimes, securing the two-thirds Senate vote required for US participation will be challenging.

In her remarks, McCarthy acknowledged that the treaty is not perfect but called it ‘definitely an advancement.’ The treaty’s provision, which automatically allows for the extradition of cyber criminals ‘without having to negotiate country by country,’ is a win, McCarthy said.

Indian crypto exchange faces investigation after $235 million crypto hack

India’s Financial Intelligence Unit is investigating the Indian cryptocurrency exchange WazirX following a significant cyberattack that resulted in the theft of $235 million. The exchange is cooperating with government agencies and has provided authorities with extensive server logs and transaction data related to the incident, which occurred in July. Although no physical assets have been seized, WazirX is actively engaging with regulatory bodies to understand the broader implications of the hack on the unregulated crypto sector.

In a bid to enhance transparency, WazirX plans to publicly disclose wallet addresses through court affidavits and has committed to addressing user concerns. The exchange aims to establish a 10-member committee of creditors by 9 October to assist in its restructuring efforts, to return 52-55% of the remaining crypto assets to affected clients within six months.

Additionally, WazirX’s parent company, Zettai, is in discussions with 11 potential partners to explore capital injections and profit-sharing strategies that could aid in user recoveries. Following the hack, WazirX has sought a Scheme of Arrangement in Singapore under local insolvency laws. An independent audit revealed no evidence of wrongdoing by its custodian partner, Liminal Custody.

American Water disconnects systems after cyberattack

American Water, a major US utility, has disconnected parts of its computer network following a cybersecurity incident. The company, which serves over 14 million people, paused billing and customer service as a precaution.

The utility detected unauthorised activity on its systems on 3rd October, prompting the immediate disconnection of several systems. This step was taken to safeguard customer data and prevent potential damage to the environment.

Based in New Jersey, American Water has not yet provided further details about the nature of the breach. However, the US has faced numerous cyberattacks in recent years, often from criminals seeking cryptocurrency ransoms.

Such cyberattacks are known to cripple services, and American Water’s measures aim to mitigate the potential impact on its operations and customers.

LEGO removes fake token scam after homepage hack

LEGO Group’s website was briefly compromised on 5 October, with a scam promoting a fake ‘LEGO Coin’ token appearing on the homepage. The message encouraged users to purchase the token in exchange for ‘secret rewards’ but redirected them to a phishing site. The scam was removed after about 75 minutes, and LEGO confirmed that no user accounts had been compromised.

LEGO has since assured customers that the issue has been resolved and steps are being taken to prevent future incidents. Despite earlier hints in 2021 about entering the NFT space, LEGO has not officially pursued any crypto-related ventures.

This incident highlights the ongoing threat of cryptocurrency scams, which saw $127 million stolen from victims in the third quarter of 2024, with September alone accounting for $46 million in losses.

Russian state media disrupted by cyberattack

VGTRK, Russia’s state media giant, has been hit by a large-scale cyberattack. The company, which operates key national TV and radio stations, confirmed its online services were disrupted, though broadcasting remains unaffected. Kremlin spokesman Dmitry Peskov described the attack as unprecedented, adding that specialists were investigating the source.

A Ukrainian government source claimed responsibility, stating that the attack coincided with President Vladimir Putin’s birthday. However, these assertions have not been independently verified. VGTRK’s website and online news channel were unavailable following the attack.

The disruption affected internal services, with reports of widespread damage. Some sources suggested hackers wiped critical data, including backups. VGTRK has yet to issue an official comment on the full extent of the breach or recovery efforts.

Maria Zakharova, Russia’s Foreign Ministry spokesperson, did not directly blame any group but linked the incident to a broader ‘hybrid war’ against media in Russia. Moscow plans to address the cyberattack at international forums like UNESCO.

UN report: Telegram used by Southeast Asian crime syndicates

Criminal networks in Southeast Asia are increasingly exploiting Telegram for large-scale illicit activities, according to a new report from the United Nations. The encrypted messaging app is used to trade hacked data, including credit card details and passwords, across sprawling, poorly-moderated channels. The report also notes that unlicensed cryptocurrency exchanges on the platform provide money laundering services.

Fraud tools, such as deepfake software and data-stealing malware, are widely sold, enabling organised crime syndicates to innovate and expand their operations. One vendor in Chinese reportedly claimed to move millions in stolen cryptocurrency daily. Southeast Asia has become a hub for these activities, where criminal groups target victims worldwide, generating up to $36.5 billion annually.

The controversy surrounding Telegram escalated when its founder, Pavel Durov, was arrested in Paris for allowing criminal activity on the platform. Durov, who is now out on bail, has since announced steps to cooperate with law enforcement by sharing users’ information when requested legally and removing certain features used for illegal purposes.

As the UNODC report warns, the widespread use of Telegram for underground markets places consumers’ data at heightened risk. Criminals are not only exploiting technology like artificial intelligence but are also leveraging the platform’s ease of use to target victims globally.

US and Poland sign cybersecurity MOU to enhance global digital security and cooperation

The US Department of Homeland Security (DHS) and the Polish Ministry of Digital Affairs (MDA) have signed a Memorandum of Understanding (MOU) to bolster their collaboration in cybersecurity and emerging technology. This MOU strengthens the longstanding partnership between the United States and Poland, providing a structured framework for coordinated efforts in addressing global security challenges, including cyber threats and responsible technology development.

By focusing on key areas such as cyber policy, Secure by Design practices, information sharing, incident response, human capital development, and the safe deployment of AI and the Internet of Things (IoT), both nations demonstrate a shared commitment to transatlantic security. The timing of this MOU, which coincides with the Fourth Counter Ransomware Initiative Summit, reflects a united stance against the growing ransomware threat, as nearly 70 countries gathered to reinforce global resilience against cybercrime.

Various agencies will spearhead the implementation of the MOU as part of the agreement. In the United States, DHS entities like the Cybersecurity and Infrastructure Security Agency (CISA), the Office of Strategy, Policy, and Plans, and the Science and Technology Directorate will drive projects that enhance cybersecurity and support critical infrastructure. On the Polish side, the National Research Institute (NASK) will be instrumental in coordinating these efforts, positioning Poland for its upcoming EU Council presidency in 2025, where it aims to strengthen US-EU relations and prioritise European information security.

Why does it matter?

Together, these agencies will focus on collaborative initiatives that ensure safe technology practices, build critical skills, and enable a proactive response to digital threats, securing a stronger digital future for both nations.

INTERPOL operation with Swiss police led to eight arrested in West Africa for phishing

Eight individuals have been arrested in an ongoing international effort to combat cybercrime, significantly disrupting criminal activities in Côte d’Ivoire and Nigeria. These arrests were made during INTERPOL’s Operation Contender 2.0, which focuses on tackling cyber-enabled crimes in West Africa through improved international intelligence sharing.

The suspects were linked to extensive phishing scams aimed at Swiss citizens. They utilised QR codes to direct victims to fraudulent websites that closely resembled legitimate payment platforms, where they solicited sensitive personal information, including login credentials and credit card numbers. The hackers masqueraded as buyers on small advertising sites to build trust or pretended to be customer service agents.

INTERPOL reports that this scheme led to over $1.4 million in financial losses, with Swiss authorities receiving more than 260 reports about the scam between August 2023 and April 2024. As part of the investigation, law enforcement successfully apprehended the main suspect behind these attacks, who admitted to the scheme and revealed that he had made over $1.9 million from it.

Additionally, five other suspects were found engaging in cybercriminal activities at the same location. The investigation continues as authorities work to identify more victims, recover stolen funds, and trace items purchased with the proceeds from the scam.

Forrester: Cybercrime to cost $12 trillion in 2025

Forrester’s 2025 Predictions report outlines critical cybersecurity, risk, and privacy challenges on the horizon. Cybercrime costs are expected to cost $12 trillion by 2025, with regulators stepping up efforts to protect consumer data. Organisations are urged to adopt proactive security measures to mitigate operational impacts, particularly as AI technologies and IoT devices expand.

Another major prediction is that Western governments plan to prohibit certain third-party or open-source software due to rising concerns over software supply chain attacks, which are a leading cause of worldwide data breaches. Increased pressure from Western governments has prompted private companies to produce software bills of materials (SBOMs), enhancing transparency regarding software components.

However, these SBOMs also reveal the reliance on third-party and open-source software in government purchases. In 2025, armed with this knowledge, Forrester says that a government will impose restrictions on a specific open-source component for national security reasons. Consequently, software suppliers will need to eliminate the problematic components and find alternatives to maintain functionality.

Among the key forecasts is the EU issuing its first fine under the new EU AI Act to a general-purpose AI (GPAI) model provider. Forrester warns that companies unprepared for AI regulations will face significant third-party risks. As generative AI models become more widespread, businesses must thoroughly vet providers and gather evidence to avoid fines and investigations. Another major prediction is a large-scale Internet of Things (IoT) device breach, with malicious actors finding it easier to compromise common IoT systems. Such breaches could lead to widespread disruption, forcing organisations to engage in costly remediation efforts.

Forrester also anticipates that Chief Information Security Officers (CISOs) will reduce their focus on generative AI applications by 10%, citing a need for measurable value. Currently, 35% of global CISOs and CIOs prioritise AI to boost employee productivity, but growing disillusionment and limited budgets are expected to hinder further AI adoption. The report reveals that 18% of global AI decision-makers already see budget limitations as a major barrier, a figure projected to increase as organisations struggle to justify investment in AI initiatives.

The report also highlights a rise in cybersecurity incidents. In 2023, 28% of security decision-makers reported six or more data breaches, up 16 percentage points from 2022. Additionally, 72% of those decision-makers experienced data breach costs exceeding $1 million. Despite these alarming statistics, only 16% of global security leaders prioritised testing and refining their incident response processes in 2023, leaving many organisations unprepared for future attacks.

Human-related cybersecurity risks, such as deepfakes, insider data theft, generative AI misuse, and human error, are expected to become more complex as communication channels expand. Forrester also explores how generative AI could reshape identity and access management, addressing challenges like identity administration, audit processes, lifecycle management, and authentication. In conclusion, the report urges companies to brace for evolving threats and adopt forward-thinking strategies to protect their assets as cybersecurity landscapes shift.

Russia opens criminal case against Cryptex founders

Russian authorities have initiated a criminal investigation against the founders of UAPS and Cryptex, accusing them of generating over $40 million in illegal profits. It follows allegations of running unlicensed banking operations, unauthorised access to protected information, and creating a payment infrastructure that supported cybercriminal activities. The probe is being led by Moscow’s Investigative Committee.

UAPS, established in 2013, and Cryptex, launched in 2018, were primarily used by criminals for illegal currency exchanges and money laundering. In 2023 alone, the network saw more than $1.2 billion in illicit transactions. Russian law enforcement conducted 148 raids across 14 regions, detaining 96 suspects, many of whom face charges of organised crime and illegal banking.

The investigation comes just days after OFAC sanctioned Cryptex and its founder, Sergey Ivanov, accusing them of laundering funds linked to ransomware attacks and darknet markets. US authorities have labelled Ivanov’s other exchange, PM2BTC, as a major money laundering concern.