Following the recent security breach at Bybit, major cryptocurrency firms have joined forces to combat the attack and mitigate its impact. Bybit’s CEO, Ben Zhou, confirmed that both centralised and decentralised finance leaders, such as Orbiter and SynFutures, quickly moved to blacklist the attacker’s addresses. Chainalysis also tracked and published wallet addresses linked to the exploit.
Blockchain security companies, including SIS and Zero Shadows, intensified efforts to block malicious transactions and trace the perpetrators, while institutional traders such as TMSI and Cumberland provided support to stabilise the market. Several DeFi protocols, including Lido Finance and Solana Foundation, also extended their assistance.
Zhou praised the swift collaboration from industry players, calling it a testament to the cryptocurrency sector’s resilience. The exchange has since launched a recovery bounty programme, offering up to 10% of recovered funds. Bybit is working hard to enhance its security infrastructure following the breach.
Investigations have pointed to North Korea’s Lazarus Group as the likely culprit behind the attack, which exploited Bybit’s Ethereum multisig cold wallet. This group is also connected to other high-profile crypto hacks, including the 2022 DMM Bitcoin exchange breach.
For more information on these topics, visit diplomacy.edu.
Hackers have stolen $1.5 billion from Dubai-based cryptocurrency exchange Bybit in what is believed to be the largest digital heist in history. The attacker gained access to an Ethereum wallet during a routine transfer and moved the funds to an unknown address, sparking concerns across the cryptocurrency sector.
Bybit quickly reassured users that their funds remained secure, with chief executive Ben Zhou pledging to fully compensate affected customers. Despite this, the platform saw a surge of over 350,000 withdrawal requests, leading to potential delays. The company remains solvent, holding $20 billion in customer assets and is prepared to cover losses if necessary.
The price of Ethereum briefly dipped by nearly 4% following the breach but has since stabilised. Bybit has called upon leading cybersecurity experts to assist in recovering the stolen assets, offering a reward of up to $140 million. Speculation has emerged regarding the hackers’ identity, with reports suggesting possible links to the North Korean state-sponsored Lazarus group known for previous large-scale cryptocurrency thefts.
For more information on these topics, visit diplomacy.edu.
OpenAI has removed accounts linked to users in China and North Korea over concerns they were using ChatGPT for malicious activities.
The company cited cases of AI-generated content being used for surveillance, influence campaigns, and fraudulent schemes. AI tools were employed to detect the operations.
Some accounts produced news articles in Spanish that criticised the US and were later published under a Chinese company’s byline. Others, potentially connected to North Korea, created fake resumes and online profiles in an attempt to secure jobs at Western firms.
A separate operation, believed to be tied to financial fraud in Cambodia, used ChatGPT to generate and translate comments on social media.
The US government has raised concerns over China’s use of AI to spread misinformation and suppress its population. Security risks associated with AI-driven disinformation and fraudulent activities have led to increased scrutiny of how such tools are being used globally.
OpenAI’s ChatGPT remains the most widely used AI chatbot, with over 400 million weekly active users. The company is also in discussions to secure up to $40 billion in funding, which could set a record for a private firm.
For more information on these topics, visit diplomacy.edu.
Australia’s eSafety Commission has fined messaging platform Telegram A$1 million ($640,000) for failing to respond promptly to questions regarding measures it took to prevent child abuse and extremist content. The Commission had asked social media platforms, including Telegram, to provide details on their efforts to combat harmful content. Telegram missed the May 2024 deadline, submitting its response in October, which led to the fine.
eSafety Commissioner Julie Inman Grant emphasised the importance of timely transparency and adherence to Australian law. Telegram, however, disagreed with the penalty, stating that it had fully responded to the questions, and plans to appeal the fine, which it claims was solely due to the delay in response time.
The fine comes amid increasing global scrutiny of Telegram, with growing concerns over its use by extremists. Australia’s spy agency recently noted that a significant portion of counter-terrorism cases involved youth, highlighting the increasing risk posed by online extremist content. If Telegram does not comply with the penalty, the eSafety Commission could pursue further legal action.
For more information on these topics, visit diplomacy.edu.
Two men have been charged in connection with a cryptocurrency fraud that saw a 75-year-old man from Aberdeenshire lose more than £100,000. The case, reported to police in July, led to an extensive investigation by officers from the north east division CID.
Following inquiries, officers travelled to Coventry and Mexborough on Tuesday, working alongside colleagues from West Midlands Police and South Yorkshire Police.
The coordinated operation resulted in the arrests of two men, aged 36 and 54, who have now been charged in relation to the fraud allegations.
Police have not yet disclosed details of how the scam was carried out, but cryptocurrency frauds often involve fake investment schemes, phishing scams, or fraudulent trading platforms that lure victims into handing over money with promises of high returns.
Many scams also exploit a lack of regulation in the digital currency sector, making it difficult for victims to recover lost funds.
Authorities have urged the public to remain vigilant and report any suspicious financial activity, particularly scams involving cryptocurrencies.
For more information on these topics, visit diplomacy.edu.
Norwegian prosecutors have charged four individuals for their role in a massive fraud and money laundering operation that deceived thousands of victims worldwide. Authorities say the scheme collected over 900 million kroner ($86–87 million), with more than 700 million kroner laundered through a Norwegian law firm before being transferred to accounts in Asia.
The scam operated as a multi-level marketing structure, with victims recruited to buy “product packages” containing cryptocurrency and company shares. Investors were promised profits from gas fields, mining, and real estate, but investigators say no real investments were made. Instead, new deposits funded payouts to earlier investors, fitting the classic Ponzi scheme model.
Officials revealed that financial professionals, including lawyers and accountants, helped to conceal the money flow, making the fraud harder to detect. Europol has warned that financial crimes like these are a growing global threat, with fraud and money laundering acting as the driving force behind organised crime.
Despite the cross-border nature of the operation, Norwegian authorities stress that those responsible will be prosecuted, no matter where their victims are located. The case highlights the increasing use of professional services to facilitate fraud, a challenge that law enforcement agencies worldwide are struggling to tackle.
For more information on these topics, visit diplomacy.edu.
Law enforcement agencies must ensure public understanding of the need for expanded investigative powers to effectively combat the increasing scale and complexity of cybercrime, Europol’s chief Catherine De Bolle stated at the Munich Cyber Security Conference.
De Bolle emphasised that cybercriminal activity is not only growing in volume but also evolving in sophistication, leveraging both traditional telecom infrastructure and advanced digital tools, including dark web marketplaces. In response, she underscored the necessity for law enforcement agencies to strengthen their technical capabilities. However, she noted that implementing large-scale investigative measures must be balanced with maintaining public confidence in state institutions.
Her remarks followed those of Sir Jeremy Fleming, former director of the UK’s cyber intelligence agency GCHQ, who spoke about the importance of maintaining public trust in intelligence operations.
De Bolle further stressed the need for stronger collaboration between government agencies, private sector entities, and international organisations to address cyber threats effectively. As cybercrime and state-sponsored cyber activities increasingly overlap, she advocated for a shift away from fragmented approaches, calling for ‘multilateral responses’ to improve collective cybersecurity readiness.
For more information on these topics, visit diplomacy.edu.
Argentine President Javier Milei has denied endorsing the LIBRA meme coin, which recently surged in value before collapsing, leaving investors with heavy losses. He stated that he merely shared information about the token and never encouraged people to buy in. According to Milei, only a few Argentine investors were affected, with most traders coming from China and the US. He disputed reports that 44,000 people lost money, insisting the real number was closer to 5,000, primarily experienced traders who understood the risks.
Milei explained that Hayden Davis, one of LIBRA’s backers, had proposed a financial structure to support entrepreneurs struggling to secure funding. Seeing potential in the idea, he simply helped spread awareness. However, after facing political backlash, Milei admitted he must be more cautious about his public statements, acknowledging that he still acts as he did before becoming president and needs to be less accessible.
The controversy has rattled Argentina’s political and financial landscape, with opposition leaders accusing Milei of misleading the public and calling for his removal. The anti-corruption office has launched an investigation, alongside a legal probe led by Federal Judge María Servini. Meanwhile, Argentina’s financial markets took a hit, with the S&P Merval stock index dropping by 5%. Despite Milei’s insistence that he acted in good faith, scrutiny of his administration continues to intensify.
For more information on these topics, visit diplomacy.edu.
A new report from Google states that cybercrime continues to expand, intersecting with state-backed cyber operations. Released ahead of the Munich Security Conference, research from Google’s Threat Intelligence Group and Mandiant outlines findings from their investigations in 2024 and trends observed over the past four years.
According to Google, financially motivated and state-backed cyber activities are becoming more interconnected. Cybercriminal ecosystems facilitate the acquisition of malware, vulnerabilities, and operational support, offering lower-cost alternatives to state-developed capabilities.
The report emphasises that while cybercrime and state-backed cyber operations increasingly overlap, responses to these threats require distinct strategies. Cybercrime often involves networks operating across jurisdictions, necessitating international collaboration to address its impact effectively.
For more information on these topics, visit diplomacy.edu.
A controversy has emerged over the British government’s reported attempt to compel Apple to grant authorities access to encrypted iCloud accounts, leading to calls for increased transparency from intelligence agencies. Sir Jeremy Fleming, the former head of the UK’s GCHQ from 2017 to 2023, addressed this issue at the Munich Cyber Security Conference, highlighting the need for public understanding and trust in intelligence operations. He emphasised that an agency’s ‘license to operate’ should be grounded in transparency.
The UK government has contested the description of a ‘back door’ in relation to the notice, clarifying that it seeks to ensure Apple maintains the capability to provide iCloud data in response to lawful warrants, a function that existed prior to the introduction of end-to-end encryption for iCloud in December 2022.
Since 2020, Apple has provided iCloud data to UK authorities in response to four of more than 6,000 legal requests for customer information under non-IPA laws. However, this data excludes requests made under the Investigatory Powers Act (IPA), the UK’s primary law for accessing tech company data.
Fleming emphasised the importance of intelligence agencies providing clear explanations of their operations, particularly in relation to new technologies. He pointed out the need for a better understanding of how intelligence agencies operate in practice, particularly as technological advancements change their methods.
For more information on these topics, visit diplomacy.edu.
