Cybersecurity

Greece seizes crypto tied to record Bybit hack

Greek authorities have successfully seized digital assets linked to a major international cybercrime case, marking the country’s first-ever recovery of cryptocurrency. The operation followed a months-long investigation into suspicious blockchain activity in collaboration with blockchain analytics firm Chainalysis.

The recovered funds are part of a record-breaking $1.5 billion theft from crypto exchange Bybit earlier this year. In February, hackers exploited a vulnerability in one of the platform’s Ethereum wallets, transferring the entire contents to an unknown address.

The incident, considered one of the largest crypto heists in history, has been widely attributed to North Korea’s Lazarus Group.

A suspect wallet was identified and frozen, cutting off access to the assets and transferring the case to prosecutors for further legal proceedings.

Officials hailed the move as a significant advance in combating digital crime. Analysts say the operation shows how blockchain transparency and forensic tools, combined with international cooperation, can disrupt even the most complex laundering networks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Activision pulls game after PC hacking reports

Activision has removed Call of Duty: WWII from the Microsoft Store and PC Game Pass following reports that hackers exploited a serious vulnerability in the game. Only the PC versions from Microsoft’s platforms are affected, while the game remains accessible via Steam and consoles.

The decision came after several players reported their computers being hijacked during gameplay. Streamed footage showed remote code execution attacks, where malicious code was deployed through the game to seize control of victims’ devices.

AN outdated and insecure build of the game, which had previously been patched elsewhere, was uploaded to the Microsoft platforms. Activision has yet to restore access and continues to investigate the issue.

Call of Duty: WWII was only added to Game Pass in June. The vulnerability highlights the dangers of pushing old game builds without sufficient review, exposing users to significant cybersecurity risks.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

M&S urges UK firms to report cyberattacks

Marks & Spencer has called for a legal obligation requiring UK companies to report major cyberattacks to national authorities. Chairman Archie Norman told parliament that two serious cyberattacks on prominent firms in recent months had gone unreported.

He argued that underreporting leaves a significant gap in cybersecurity knowledge. It would not be excessive regulation to require companies to report material incidents to the National Cyber Security Centre.

The retailer was hit in April by what is believed to be a ransomware attack involving DragonForce, with links to the Scattered Spider hacking group.

The breach forced a seven-week suspension of online clothing orders, costing the business around £300 million in lost operating profit.

M&S had fortunately doubled its cyber insurance last year, though it may take 18 months to process the claim.

General counsel Nick Folland added that companies must be prepared to operate manually, using pen and paper, when systems go down.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Kurbalija: Digital tools are reshaping diplomacy

Once the global stage for peace negotiations and humanitarian accords, Geneva finds itself at the heart of a new kind of diplomacy shaped by algorithms, data flows, and AI. Jovan Kurbalija, Executive Director of Diplo and Head of the Geneva Internet Platform, believes this transformation reflects Geneva’s long tradition of engaging with science, technology, and global governance. He explained this in an interview with Léman Bleu.

Diplo, a Swiss-Maltese foundation, supports diplomats and international professionals as they navigate the increasingly complex landscape of digital governance.

‘Where we once trained them to understand the internet,’ Kurbalija explains, ‘we now help them grasp and negotiate issues around AI and digital tools.’

The foundation not only aids diplomats in addressing cyber threats and data privacy but also equips them with AI-enhanced tools for negotiation, public communication, and consular protection.

According to Kurbalija, digital governance touches everyone. From how our phones are built to how data moves across borders, nearly 50 distinct issues—from cybersecurity and e-commerce to data protection and digital standards—are debated in the corridors of International Geneva. These debates are no longer reserved for specialists because they affect the everyday lives of billions.

Kurbalija draws a fascinating connection between Geneva’s philosophical heritage and today’s technological dilemmas. Writers like Mary Shelley, Voltaire, and Borges, each with ties to Geneva, grappled with themes eerily relevant today: unchecked scientific ambition, the tension between freedom and control, and the challenge of processing vast amounts of knowledge. He dubs this tradition ‘EspriTech de Genève,’ a spirit of intellectual inquiry that still echoes in debates over AI and its impact on society.

AI, Kurbalija warns, is both a marvel and a potential menace.

‘It’s not exactly Frankenstein,’ he says, ‘but without proper governance, it could become one.’

As technology evolves, so must international mechanisms ensure it serves humanity rather than endangers it.

Diplomacy, meanwhile, is being reshaped not just in terms of content but in method. Digital tools allow diplomats to engage more directly with the public and make negotiations more transparent. Yet, the rise of social media has its downsides. Public broadcasting of diplomatic proceedings risks undermining the very privacy and trust needed to reach a compromise.

‘Diplomacy,’ Kurbalija notes, ‘needs space to breathe—to think, negotiate, resolve.’

He also cautions against the growing concentration of AI and data power in the hands of a few corporations.

‘We risk having our collective knowledge privatised, commodified, and sold back to us,’ he says.

The antidote? A push for more inclusive, bottom-up AI development that empowers individuals, communities, and nations.

As Geneva continues its historic role in shaping the future, Kurbalija’s message is clear: managing technology wisely is not just a diplomatic challenge—it’s a global necessity.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Europe moves to build its own digital infrastructure

France, Germany, Italy, and the Netherlands have taken a major step toward building Europe’s own digital infrastructure by signing the founding papers for a new European Digital Infrastructure Consortium for Digital Commons. The initiative reflects growing concern that Europe’s reliance on US technology companies, such as Microsoft, leaves its public administrations vulnerable to shifting geopolitical dynamics.

For years, countries like Germany and France have been working on alternatives, Berlin with its Open Desk project and Paris with La Suite Numérique. Now, by joining forces, the four governments aim to develop and maintain publicly built and publicly accessible digital tools that reduce dependence on foreign tech giants.

Markus Richter, Germany’s chief information officer, described the move as ‘a milestone on the way to more digital sovereignty in Europe.’ The consortium will focus on scaling strategic digital commons, securing financial backing, and fostering a strong European community committed to digital independence.

The new organisation, based in Paris, marks the start of a coordinated European effort to create sovereign digital services designed to serve governments and citizens alike, with long-term ambitions of strengthening Europe’s position in the global digital landscape.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Global cooperation and bold ideas at WSIS+20 drive digital trust and cybersecurity resilience

The WSIS+20 Leaders’ Talk on ‘Towards a safer connected world’ brought together ministers, regulators, and experts from across the globe to share concrete strategies for strengthening digital trust and cyber resilience.

Held in Geneva and moderated by Lucien Castex, the session spotlighted multistakeholder collaboration as the cornerstone of effective cybersecurity in a connected world.

Malaysia’s Minister of Communications Fahmi Fadzil opened with a firm declaration of digital sovereignty, stressing that ‘Big Tech is not bigger than our laws’. He described ASEAN’s forthcoming Kuala Lumpur declaration, a collective regional effort to promote safe and responsible use of social media.

Echoing this approach, Greece’s Dimitris Papastergiou underlined cybersecurity as a strategic national priority, detailing the implementation of the EU’s NIS2 Directive and tools to support SMEs, and reaffirming that cybersecurity is central to “democratic institutions, public safety, and social cohesion.”

India’s Anil Kumar Lahoti presented an institutional model of cyber resilience through the National Cyber Security Coordination Centre, illustrating real-time, cross-sector collaboration to contain cascading attacks.

Lithuania’s Jurate Soviene, meanwhile, emphasised the human side of cybersecurity, showcasing the “No One Is Left Behind” movement, which engages over 160 partners to help seniors build digital confidence.

She also noted the success of Lithuania’s joint anti-scam task force involving police, telecoms, banks, and regulators. “Let’s collaborate”, may be easy to say, she reflected, “but someone must take the first step.”

Participants repeatedly turned to the theme of partnership from Asia to Europe and back again. Thailand’s Trairat Viriyasirikul highlighted their ‘regulatory sandbox’ that supports public-private experimentation in health and identity sectors, including the national MobileID system.

Spain’s Matías González described the country’s Tier 1 status in the Global Cybersecurity Index and their widely respected Cybersecurity Summer Good Camp, which has trained over 20,000 students. “Security must be holistic,” he said, “combining technology, policy, and society.”

From the Internet Society, Sally Wentworth warned that no single actor can secure the internet alone. She advocated a systems approach, from standards development and encryption to civil society inclusion. “We need technologists, industry, civil society, and governments,” she said, announcing a new co-fund initiative with the Global Cyber Alliance to support underfunded cybersecurity efforts.

Lennig Pedron of Trust Valley concluded the session with practical insights from Switzerland, where over 250 innovative companies are supported through a global network of more than 400 partners. She stressed the importance of neutral platforms and flexible financing to bridge diverse stakeholder needs: “Joint pilot projects and simplified legal processes are key to real partnerships.”

Moderator Lucien Castex closed with a quote from Jules Verne, urging the audience to pair bold imagination with real-world action. Across all interventions, the session conveyed one clear message: the future of cybersecurity—and the trust that sustains it—must be built together, across sectors, borders, and communities.

Track all key events from the WSIS+20 High-Level Event 2025 on our dedicated page.

Over 2.3 million users hit by Chrome and Edge extension malware

A stealthy browser hijacking campaign has infected over 2.3 million users through Chrome and Edge extensions that appeared safe and even displayed Google’s verified badge.

According to cybersecurity researchers at Koi Security, the campaign, dubbed RedDirection, involves 18 malicious extensions offering legitimate features like emoji keyboards and VPN tools, while secretly tracking users and backdooring their browsers.

One of the most popular extensions — a colour picker developed by ‘Geco’ — continues to be available on the Chrome and Edge stores with thousands of positive reviews.

While it works as intended, the extension also hijacks sessions, records browsing activity, and sends data to a remote server controlled by attackers.

What makes the campaign more insidious is how the malware was delivered. The extensions began as clean, valuable tools, but malicious code was quietly added during later updates.

Due to how Google and Microsoft handle automatic updates, most users receive spyware without taking action or clicking anything.

Koi Security’s Idan Dardikman describes the campaign as one of the largest documented. Users are advised to uninstall any affected extensions, clear browser data, and monitor accounts for unusual activity.

Despite the serious breach, Google and Microsoft have not responded publicly.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Grok AI chatbot suspended in Turkey following court order

A Turkish court has issued a nationwide ban on Grok, the AI chatbot developed by Elon Musk’s company xAI, following recent developments involving the platform.

The ruling, delivered on Wednesday by a criminal court in Ankara, instructed Turkey’s telecommunications authority to block access to the chatbot across the country. The decision came after public filings under Turkey’s internet law prompted a judicial review.

Grok, which is integrated into the X platform (formerly Twitter), recently rolled out an update to make the system more open and responsive. The update has sparked broader global discussions about the challenges of moderating AI-generated content in diverse regulatory environments.

In a brief statement, X acknowledged the situation and confirmed that appropriate content moderation measures had been implemented in response. The ban places Turkey among many countries examining the role of generative AI tools and the standards that govern their deployment.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

AI-powered imposter poses as US Secretary of State Rubio

An imposter posing as US Secretary of State Marco Rubio used an AI-generated voice and text messages to contact high-ranking officials, including foreign ministers, a senator, and a state governor.

The messages, sent through SMS and the encrypted app Signal, triggered an internal warning across the US State Department, according to a classified cable dated 3 July.

The individual created a fake Signal account using the name ‘Marco.Rubio@state.gov’ and began contacting targets in mid-June.

At least two received AI-generated voicemails, while others were encouraged to continue the chat via Signal. US officials said the aim was likely to gain access to sensitive information or compromise official accounts.

The State Department confirmed it is investigating the breach and has urged all embassies and consulates to remain alert. While no direct cyber threat was found, the department warned that shared information could still be exposed if targets were deceived.

A spokesperson declined to provide further details for security reasons.

The incident appears linked to a broader wave of AI-driven disinformation. A second operation, possibly tied to Russian actors, reportedly targeted Gmail accounts of journalists and former officials.

The FBI has warned of rising cases of ‘smishing’ and ‘vishing’ involving AI-generated content.

Experts now warn that deepfakes are becoming harder to detect, as the technology advances faster than defences.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Fraudsters exploit dormant Bitcoin addresses to steal data

Analysts at BitMEX Research have revealed a new scam aimed at early Bitcoin holders, particularly those with dormant wallets dating back to 2011. Attackers use Bitcoin’s OP_Return field to send false transactions and messages to deceive owners into sharing sensitive data.

One high-profile victim is the ‘1Feex’ wallet, known for holding around 80,000 BTC stolen from the Mt. Gox hack.

Scammers made a fake Salomon Brothers site claiming that wallets are abandoned unless owners prove ownership with signed messages or personal documents. The site bears no genuine link to the original financial firm or its former executives.

Crypto community members recommend a safer approach: moving a small amount of Bitcoin to demonstrate wallet activity instead of risking the full balance. BitMEX urges users to avoid interacting with fake sites or sharing personal data.

The scam exemplifies growing sophistication in crypto fraud, with losses exceeding $2.1 billion in just the first half of 2025.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot