Cybersecurity

Crypto crime surges to record levels in 2025

The cryptocurrency industry faces a record-breaking year for theft in 2025, with losses surpassing $2.17 billion by mid-July, according to a Chainalysis report. The amount stolen so far has surpassed the total for all of 2024, highlighting a concerning increase in digital asset crime.

A large proportion, around $1.5 billion, stems from the North Korea-linked Bybit hack, which accounts for nearly 70% of thefts targeting crypto services this year.

While centralised exchanges remain prime targets, personal wallets now represent almost a quarter of stolen funds. The report highlights a rise in violent ‘wrench attacks,’ where criminals coerce Bitcoin holders into revealing private keys through threats or physical force.

Kidnappings of crypto executives and family members have also increased, with 2025 expected to double the number of such physical assaults compared to previous years.

Sophistication in laundering stolen crypto varies depending on the target. Hackers focusing on exchanges use advanced techniques like chain-hopping and mixers to obscure transactions.

Conversely, attackers targeting personal wallets often employ simpler methods. Interestingly, criminals are holding stolen assets longer and are willing to pay fees up to 14.5 times higher than average to swiftly move illicit funds and avoid detection.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Quantum tech could break online security, warns India

The Indian Computer Emergency Response Team (CERT-In), alongside cybersecurity firm SISA, cautions that these powerful machines could soon break the encryption used to protect everything from online banking to personal identity systems.

CERT-In’s new white paper outlines how attackers may already be stockpiling encrypted data to unlock later using quantum tools, a tactic called ‘harvest now, decrypt later’. If left unaddressed, this strategy could expose sensitive data stored today once quantum technology matures.

AI is adding to the urgency. As it becomes more embedded in digital systems, it also increases access to user data, raising the stakes if encryption is compromised. The biggest digital systems in India, including Aadhaar, cryptocurrencies, and smart devices, are seen as particularly exposed to this looming risk.

Everyday users are advised to take precautions: update devices regularly, use strong passwords with multi-factor authentication, and avoid storing sensitive data online long-term. Services like Signal or ProtonMail, which use strong encryption, are also recommended.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Hackers hide malware using DNS TXT records

Hackers are increasingly exploiting DNS records to deliver malware undetected, according to new research from DomainTools.

Instead of relying on typical delivery methods such as emails or downloads, attackers now hide malicious code within DNS TXT records, part of the Domain Name System, often overlooked by security systems.

The method involves converting malware into hexadecimal code, splitting it into small segments, and storing each chunk in the TXT record of subdomains under domains like whitetreecollective.com.

Once attackers gain limited access to a network, they retrieve these chunks via ordinary-looking DNS queries, reassembling them into functioning malware without triggering antivirus or firewall alerts.

The rising use of encrypted DNS protocols like DNS-over-HTTPS and DNS-over-TLS makes detecting such queries harder, especially without in-house DNS resolvers equipped for deep inspection.

Researchers also noted that attackers are using DNS TXT records for malware and embedding harmful text designed to manipulate AI systems through prompt injection.

Ian Campbell of DomainTools warns that even organisations with strong security measures struggle to detect such DNS-based threats due to the hidden nature of the traffic.

Instead of focusing solely on traditional defences, organisations are advised to monitor DNS traffic closely, log and inspect queries through internal resolvers, and restrict DNS access to trusted sources. Educating teams on these emerging threats remains essential for maintaining robust cybersecurity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

xAI eyes data centre deal with Humain

Elon Musk’s AI venture, xAI, has entered early discussions with Humain to secure data centre capacity instead of relying solely on existing infrastructure.

According to Bloomberg, the arrangement could involve several gigawatts of capacity, although Humain has yet to start building its facilities, meaning any deal would take years to materialise.

Humain is backed by Saudi Arabia’s Crown Prince Mohammed bin Salman and the Public Investment Fund (PIF). xAI is reportedly considering a fresh funding round where PIF might also invest.

At the same time, xAI is negotiating with a smaller company constructing a 200-megawatt data centre, offering a more immediate solution while waiting for larger projects.

Rather than operating in isolation, xAI joins AI competitors like Google, Meta and Microsoft in racing to secure vast computing power for training large AI models. The push for massive data centre capacity reflects the escalating demands of advanced AI systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

China now the top DDoS target, says Cloudflare

Cloudflare’s latest DDoS threat report reveals that business competitors initiate most known attacks. Of the customers who identified attackers, 63% blamed rivals, 21% pointed to state-linked actors, and 5% admitted self-inflicted disruptions caused by misconfigurations.

The Q2 report shows China as the most targeted country, followed by Brazil and Germany, while Ukraine, Singapore and Indonesia are listed among the top sources of DDoS traffic. Telecommunications, internet services and gaming are the industries most frequently targeted by attackers.

Cloudflare highlighted that the locations identified as sources often reflect the presence of botnets, proxies or VPNs, not the actual location of threat actors. Countries like the Netherlands appear high on the list due to favourable privacy laws and strong network infrastructure.

The company urged broader participation in its threat intelligence feed to help mitigate risks. Over 600 providers currently use Cloudflare’s data to remove abusive accounts and stop the spread of DDoS attacks across the internet.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Quantum sector surges as Rigetti unveils modular machine

Quantum computing is progressing faster than expected, with Rigetti Computing achieving a major breakthrough. The company reached 99.5% median 2-qubit gate fidelity using a modular 36-qubit system—halving its error rate and moving closer to fault-tolerant computing.

The new machine, built from four 9-qubit chiplets, represents the industry’s largest multichip quantum system. Its modular design addresses the scalability challenges of single-chip models.

Rigetti’s superconducting qubits also outperform rivals by operating at significantly faster speeds.

Plans are in place to launch a 100+-qubit system before the end of 2025. Backing from DARPA, the US Air Force, and the UK government further validates Rigetti’s approach. Partnerships with Nvidia and Quanta Computer add commercial strength.

Despite modest revenue, Rigetti holds $575 million in cash with no debt and owns the sector’s first dedicated quantum chip factory. True commercial quantum advantage is expected between 2026 and 2028.

Shares of Rigetti, along with other quantum computing firms like IonQ and D-Wave, have surged in recent months, outperforming the broader market.

Rigetti offers strong potential—but remains a high-risk pick in a competitive field.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

EU helps Vietnam prepare for cyber emergencies

The European Union and Vietnam have conducted specialised cyber‑defence training to enhance the resilience of key infrastructure sectors such as power, transportation, telecoms and finance.

Participants, including government officials, network operators and technology experts, engaged in interactive threat-hunting exercises and incident simulation drills designed to equip teams with practical cyber‑response skills.

This effort builds on existing international partnerships, including collaboration with the US Cybersecurity and Infrastructure Security Agency, to align Vietnam’s security posture with global standards.

Vietnam faces an alarming shortfall of more than 700,000 cyber professionals, with over half of organisations reporting at least one breach in recent years.

The training initiative addresses critical skills gaps and contributes to national digital security resilience.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Trojanised Telegram APKs target Android users with Janus exploit

A large Android malware campaign has been uncovered, distributing trojanised versions of Telegram Messenger via more than 600 malicious domains. The operation uses phishing infrastructure and evasion techniques to deceive users and deliver infected APK files.

Domains exploit typosquatting, with names like ‘teleqram’ and ‘apktelegram’, and mimic Telegram’s website using cloned visuals and QR code redirects. Users are sent to zifeiji[.]asia, which hosts a fake Telegram site offering APK downloads between 60MB and 70MB.

The malware targets Android versions 5.0 to 8.0, exploiting the Janus vulnerability and bypassing security via legacy signature schemes. After installation, it establishes persistent access using socket callbacks, enabling remote control.

It communicates via unencrypted HTTP and FTP, and uses Android’s MediaPlayer component to trigger background activity unnoticed. Once installed, it requests extensive permissions, including access to all locally stored data.

Domains involved include over 300 on .com, with many registered through Gname, suggesting a coordinated and resilient campaign structure.

Researchers also found a JavaScript tracker embedded at telegramt.net, which collects browser and device data and sends it to dszb77[.]com. The goal appears to be user profiling and behavioural analysis.

Experts warn that the campaign’s scale and technical sophistication pose a significant risk to users running outdated Android systems.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Experts link Qantas data breach to AI voice impersonation

Cybersecurity experts believe criminals may have used AI-generated voice deepfakes to breach Qantas systems, potentially deceiving contact centre staff in Manila. The breach affected nearly six million customers, with links to a group known as Scattered Spider.

Qantas confirmed the breach after detecting suspicious activity on a third-party platform. Stolen data included names, phone numbers, and addresses—but no financial details. The airline has not confirmed whether voice impersonation was involved.

Experts point to Scattered Spiders’ history of using synthetic voices to trick help desk staff into handing over credentials. Former FBI agent Adam Marré said the technique, known as vishing, matches the group’s typical methods and links them to The Com, a cybercrime collective.

Other members of The Com have targeted companies like Salesforce through similar tactics. Qantas reportedly warned contact centre staff shortly before the breach, citing a threat advisory connected to Scattered Spider.

Google and CrowdStrike reported that the group frequently impersonates employees over the phone to bypass multi-factor authentication and reset passwords. The FBI has warned that Scattered Spider is now targeting airlines.

Qantas says its core systems remain secure and has not confirmed receiving a ransom demand. The airline is cooperating with authorities and urging affected customers to watch for scams using their leaked information.

Cybersecurity firm Trend Micro notes that voice deepfakes are now easy to produce, with convincing audio clips available for as little as $5. The deepfakes can mimic language, tone, and emotion, making them powerful tools for deception.

Experts recommend biometric verification, synthetic signal detection, and real-time security challenges to counter deepfakes. Employee training and multi-factor authentication remain essential defences.

Recent global cases illustrate the risk. In one instance, a deepfake mimicking US Senator Marco Rubio attempted to access sensitive systems. Other attacks involved cloned voices of US political figures Joe Biden and Susie Wiles.

As voice content becomes more publicly available, experts warn that anyone sharing audio online could become a target for AI-driven impersonation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

South Korea’s new Science Minister pledges AI-led national transformation

South Korea’s new Science and ICT Minister, Bae Kyung-hoon, has pledged to turn the nation into one of the world’s top three AI powerhouses.

Instead of following outdated methods, Bae outlined a bold national strategy centred on AI, science and technology, aiming to raise Korea’s potential growth rate to 3 per cent and secure a global economic leadership position.

Bae, a leading AI expert and former president of LG AI Research, officially assumed office on Thursday.

Drawing from experience developing hyperscale AI models like LG’s Exaone, he emphasised the need to build a unique competitive advantage rooted in AI transformation, talent development and technological innovation.

Rather than focusing only on industrial growth, Bae’s policy agenda targets a broad AI ecosystem, revitalised research and development, world-class talent nurturing, and addressing issues affecting daily life.

His plans include establishing AI-centred universities, enhancing digital infrastructure, promoting AI semiconductors, restoring grassroots research funding, and expanding consumer rights in telecommunications.

With these strategies, Bae aims to make AI accessible to all citizens instead of limiting it to large corporations or research institutes. His vision is for South Korea to lead in AI development while supporting social equity, cybersecurity, and nationwide innovation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!