Tens of thousands of Indian nationals are reportedly ensnared in Southeast Asia, coerced into participating in cyber scams, including cryptocurrency fraud and phishing schemes. These individuals are often lured by enticing job offers for IT and data entry positions, only to find their passports confiscated upon arrival in countries like Cambodia and Laos, leaving them trapped in guarded compounds under inhumane conditions.
The Indian government has taken action, launching rescue efforts and collaborating with international organisations and local authorities to repatriate citizens caught in these cyber slavery networks. Recent reports indicate that Indian nationals have lost approximately 500 crores (about $60 million) to these operations between October 2023 and March 2024. Alarmingly, nearly 30,000 Indians who travelled to Southeast Asia from January 2022 to May 2024 have not returned home.
Investigations suggest that these cyber scams may be part of a more extensive human trafficking operation, linking financial fraud to severe exploitation. This alarming connection has drawn the attention of international authorities, including the US Department of the Treasury, which recently imposed sanctions on a Cambodian senator involved in these illicit activities.
As the situation unfolds, the Indian government is intensifying its efforts to crack down on these networks, including blocking international spoofed calls and monitoring suspicious activity in Southeast Asia to protect its citizens.
Trustpair, a fraud prevention platform, has announced the integration of JPMorgan’s blockchain-based solution, Confirm, into its system. The partnership enables Trustpair’s 200 clients, including companies such as Societe Generale, Decathlon, and Danone, to verify vendor bank accounts across 15 global markets, significantly reducing the risk of payment fraud and delays.
Confirm, built on JPMorgan’s private blockchain Liink, aims to improve decision-making for businesses by providing accurate vendor and payment data. The move enhances fraud prevention and the user experience, addressing a major issue in high-value transactions where inaccurate information can lead to costly errors.
JPMorgan’s engagement with blockchain technology has deepened in recent years, following the launch of JPM Coin in 2019 and its Onyx unit dedicated to blockchain solutions. With Confirm now part of its portfolio, JPMorgan continues to set new standards in secure digital payments and fraud prevention.
Kazakhstan’s financial regulators have frozen $1.2 million in cryptocurrency and shut down 19 illegal over-the-counter platforms, marking a significant step in their ongoing crackdown on unlicensed crypto activity. These platforms, with a combined turnover exceeding $60 million, were operating illegally and posed risks related to money laundering and terrorism financing.
In addition to freezing funds, the Financial Monitoring Agency has targeted illegal crypto-mining operations. Since the start of the year, authorities have dismantled nine mining sites and seized around 4,000 mining rigs. Furthermore, more than 5,500 unlicensed online exchangers have been blocked as part of this broad regulatory effort.
Kazakhstan’s attempts to tighten its control over the crypto industry extend to major international players. In December 2023, the country banned the US-based crypto exchange Coinbase, accusing it of violating local laws regarding the trading of uninsured digital assets.
Check Point Research has uncovered a crypto wallet drainer app that was active on the Google Play Store for over five months, stealing more than $70,000 from unsuspecting users. The malicious app masqueraded as WalletConnect, a popular tool for linking crypto wallets to decentralised finance (DeFi) apps. Despite being disguised as a legitimate app, it managed to evade detection through advanced techniques and fake reviews, gaining over 10,000 downloads.
The app, originally named ‘Mestox Calculator,’ tricked users into connecting their wallets and accepting permissions, allowing attackers to drain funds. Although not all users were affected, over 150 victims lost substantial sums. The app was eventually removed from the store, but its ability to avoid detection highlighted gaps in app verification processes on platforms like Google Play.
Check Point Research emphasised the increasing sophistication of cybercriminals and urged both users and app stores to remain vigilant. The researchers warned that even seemingly harmless apps can pose a serious financial threat in the Web3 world, stressing the importance of educating users about these risks.
Cybersecurity experts have uncovered a novel tactic used by hackers to deliver malware for covert crypto mining. Hackers are now exploiting automated email replies from compromised accounts to infect businesses in Russia, including financial institutions, with the XMRig mining tool. Since May, over 150 emails containing this malicious software have been detected, but most were blocked by Facct, a leading threat intelligence firm.
This technique is particularly dangerous because the victims initiate contact and expect a reply to their initial email. Because of this established communication, many do not suspect the attached malware. Facct urges organisations to stay vigilant by conducting regular cybersecurity training and adopting strong passwords with multifactor authentication.
The XMRig software, often used in crypto mining attacks, has been part of several widespread malware campaigns since 2020, highlighting the persistent threat of cybercriminals using innovative methods to target vulnerable systems.
The United States has imposed sanctions on Russian national Sergey Sergeevich Ivanov and cryptocurrency firm Cryptex, which operates in Russia despite being based in Saint Vincent and the Grenadines, according to the Treasury Department. The sanctions target individuals and organisations involved in facilitating cybercrime and illicit financial activity.
Additionally, the United States Treasury’s Financial Crimes Enforcement Network identified Russian crypto exchange PM2BTC as a ‘primary money laundering concern.’ Officials stressed their commitment to preventing cybercrime networks like PM2BTC and Cryptex from continuing operations, according to acting undersecretary Bradley Smith.
The US State Department has also announced rewards of up to $10 million for information leading to the arrest or conviction of Ivanov and Timur Shakhmametov for their involvement in transnational organised crime. It is also offering rewards of up to $1 million for information on the leaders of crypto exchange PM2BTC and stolen credit card marketplaces PinPays and Joker’s Stash.
These efforts underscore the US government’s continued crackdown on cybercriminal networks and illicit financial activities that threaten global security and economic stability.
British police announced on Thursday that they are investigating a cyberattack that displayed an Islamophobic message on Wi-Fi services at major railway stations. Passengers trying to connect to the Wi-Fi encountered a message referencing terror attacks, leading to the immediate shutdown of the system managed by communications group Telent. The British Transport Police reported that they received notifications about the incident at approximately 5:03 p.m. on September 25.
The incident occurred amid heightened tensions in Britain, where anti-Muslim riots erupted over the summer following the tragic killing of three young girls. Misinformation initially blamed the attack on an Islamist migrant, further inflaming community tensions. In response, the police are working closely with Network Rail to investigate the cyberattack promptly.
Following the incident, which impacted 19 stations including London Bridge, London Euston, Manchester Piccadilly, and Edinburgh Waverley, Network Rail confirmed that the Wi-Fi service remained offline. Telent stated that no personal data was compromised in the hack, explaining that an unauthorised change was made to the Network Rail landing page using a legitimate administrator account. As a precaution, Telent temporarily suspended all Global Reach services to verify that other customers were not affected. Network Rail expects the Wi-Fi service to be restored over the weekend after conducting final security checks.
Julian Assange, the former Wikileaks editor-in-chief, has secured a plea deal, with his sentence commuted to time served. He is now set to travel to Saipan before returning to Australia. Despite his release, the financial burden remains, with his fiancée, Stella Assange, disclosing that the cost of his journey to freedom is estimated at $520,000. The family is urgently appealing for funds to cover travel and recovery expenses.
To help raise these funds, a BTCPay Server has been set up, enabling donations through Bitcoin or the Lightning Network. Assange’s brother, Gabriel, confirmed the platform, allowing secure, decentralised contributions. Julian’s connection to Bitcoin is long-standing, having been part of the cryptocurrency’s history, including discussions with its creator, Satoshi Nakamoto, regarding its use for Wikileaks when PayPal froze their accounts.
As Assange embarks on the next chapter of his life, the Bitcoin community continues to rally behind him, with a recent donation of 8 Bitcoins (around $500,000) further showcasing the role of cryptocurrency in supporting his cause.
Truflation, a blockchain-based inflation data platform, has confirmed falling victim to a malware attack. The project reported detecting abnormal activity on 25 September, which led to an estimated loss of up to $5.2 million. Blockchain analysts have tracked the losses from Truflation’s treasury and personal wallets on Ethereum, with additional losses spread across seven other blockchains.
The team is now working with law enforcement and industry partners to resolve the issue. They have also reached out to the hacker, seeking negotiation, while offering rewards to white-hat hackers who can assist. Despite the breach, Truflation has reassured its customers that their funds and staking operations remain secure.
Truflation’s token, TRUF, fell by 15.6% following the incident, though it has since partly recovered. Truflation provides real-time economic data and recently launched a marketplace that tracks commodity indexes such as sugar, petroleum, and wheat.
MoneyGram has acknowledged that its recent multiday outage is due to a cybersecurity issue, and the firm is progressing in restoring its services. The company revealed on X that it had identified the problem affecting certain systems and launched an investigation after users reported disruptions beginning on 20 September.
The Dallas-based financial services company stated that it took immediate protective measures, including taking some systems offline to address the connectivity issues. MoneyGram is collaborating with law enforcement and external cybersecurity experts to mitigate the impact of the breach. In a follow-up post on 24 September, the firm announced that it is successfully restoring some key transactional systems.
Although MoneyGram has assured users that pending transactions will be processed once systems are back online, it has not disclosed details about the nature of the cybersecurity issue, including whether any sensitive data may have been compromised. Additionally, there is no timeline yet for when full service will be resumed.
This incident occurs amid a notable increase in crypto-related ransomware attacks, with reports indicating a significant rise in ransom payments this year. MoneyGram, a major player in money transmission, recently ventured into the crypto space, launching fiat exchange services and partnering with CEX.io to offer fiat-to-stablecoin options.