Cybercriminals are increasingly abusing legitimate administrative software to access corporate networks, making malicious activity harder to detect. Attackers are blending into normal operations by relying on trusted workforce and IT management tools rather than custom malware.
Recent campaigns have repurposed ‘Net Monitor for Employees Professional’ and ‘SimpleHelp’, tools usually used for staff oversight and remote support. Screen viewing, file management, and command features were exploited to control systems without triggering standard security alerts.
Researchers at Huntress identified the activity in early 2026, finding that the tools were used to maintain persistent, hidden access. Analysis showed that attackers were actively preparing compromised systems for follow-on attacks rather than limiting their activity to surveillance.
The access was later linked to attempts to deploy ‘Crazy’ ransomware and steal cryptocurrency, with intruders disguising the software as legitimate Microsoft services. Monitoring agents were often renamed to resemble standard cloud processes, thereby remaining active without attracting attention.
Huntress advised organisations to limit software installation rights, enforce multi-factor authentication, and audit networks for unauthorised management tools. Monitoring for antivirus tampering and suspicious program names remains critical for early detection.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
BlockFills, an institutional digital asset trading and lending firm, has suspended client deposits and withdrawals, citing market volatility as Bitcoin experiences significant declines.
A notice sent to clients last week stated the suspension was intended ‘to further the protection of our clients and the firm.’ The Chicago-based company serves approximately 2,000 institutional clients and provides crypto-backed lending to miners and hedge funds.
Clients were informed they could continue trading under certain restrictions, though positions requiring additional margin could be closed.
The suspension comes as Bitcoin fell below $65,000 last week, down roughly 25% in 2026 and approximately 45% from its October peak near $120,000. In the digital asset industry, withdrawal halts are often interpreted as warning signs of potential liquidity constraints.
Several crypto firms, including FTX, BlockFi, and Celsius, imposed similar restrictions during prior downturns before entering bankruptcy proceedings.
BlockFills has not specified how long the suspension will last. A company spokesperson said the firm is ‘working hand in hand with investors and clients to bring this issue to a swift resolution and to restore liquidity to the platform.’
Founded in 2018 with backing from Susquehanna and CME Group, there is currently no public evidence of insolvency.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Dutch regulators have fined a cryptocurrency service provider for operating in the Netherlands without the legally required registration, underscoring intensifying enforcement across Europe’s digital asset sector.
De Nederlandsche Bank (DNB) originally imposed an administrative penalty of €2,850,000 on 2 October 2023. Authorities found the firm breached the Anti-Money Laundering and Anti-Terrorist Financing Act by offering unregistered crypto services.
Registration rules, introduced on 21 May 2020, require providers to notify supervisors due to elevated risks linked to transaction anonymity and potential misuse for money laundering or terrorist financing.
Non-compliance prevented the provider from reporting unusual transactions to the Financial Intelligence Unit-Netherlands. Regulators weighed the severity, duration, and culpability of the breach when determining the penalty amount.
Legal proceedings later altered the outcome. The Court of Rotterdam ruled on 19 December 2025 to reduce the fine to €2,277,500 and annulled the earlier decision on objection.
DNB has since filed a further appeal with the Trade and Industry Appeals Tribunal, leaving the case ongoing as oversight shifts toward MiCAR licensing requirements introduced in December 2024.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Russia’s State Duma has passed legislation establishing procedures for the seizure and confiscation of cryptocurrencies in criminal investigations. The law formally recognises digital assets as property under criminal law.
The bill cleared its third reading on 10 February and now awaits approval from the Federation Council and presidential signature.
Investigators may seize digital currency and access devices, with specialists required during investigative actions. Protocols must record asset type, quantity, and wallet identifiers, while access credentials and storage media are sealed.
Where technically feasible, seized funds may be transferred to designated state-controlled addresses, with transactions frozen by court order.
Despite creating a legal basis for confiscation, the law leaves critical operational questions unresolved. No method exists for valuing volatile crypto assets or for their storage, cybersecurity, or liquidation.
Practical cooperation with foreign crypto platforms, particularly under sanctions, also remains uncertain.
The government is expected to develop subordinate regulations covering state custody wallets and enforcement mechanics. Russia faces implementation challenges, including non-custodial wallet access barriers, stablecoin freezing limits, and institutional oversight risks.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
South Korea’s second-largest cryptocurrency exchange, Bithumb, is attempting to recover more than $40bn in Bitcoin after a promotional payout error credited customers with Bitcoin rather than Korean won.
The mistake occurred on 6 February during a ‘random box’ event, when prize values were entered in Bitcoin rather than in Bitcoin. Intended rewards totalled 620,000 won for 695 users, yet 620,000 bitcoins were distributed.
Only 249 customers opened their boxes, but the credited sums exceeded the exchange’s holdings.
Most balances were reversed through internal ledger corrections. About 13bn won ($9m) remains unrecovered after some users sold or withdrew funds before accounts were frozen. Authorities said 86 customers liquidated roughly 1,788 Bitcoins within 35 minutes.
Regulators have opened a full investigation, and lawmakers have scheduled an emergency hearing. Legal uncertainty remains over liability, while the exchange confirmed no hacking was involved and pledged stronger internal controls.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Procivis has been selected to build Lithuania’s European Digital Identity Wallet sandbox, advancing preparations for the EU digital identity rollout. The 12-month initiative will be delivered in partnership with the state Agency for Digital Solutions.
The project will establish a national test environment designed to simulate real-world digital identity scenarios. Built on Procivis One, the platform meets eIDAS 2.0 requirements and will validate the wallet infrastructure before EU deployment.
Testing will cover use cases for citizens, public institutions, and private-sector relying parties. Cross-border scenarios, including access to public and travel-related services, will also be explored to ensure interoperability across EU member states.
The sandbox will contribute to Lithuania’s readiness for the 2026 eIDAS 2.0 deadline while supporting broader participation in the EU Large Scale Pilot programmes focused on digital identity innovation.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Kris Marszalek, CEO of Crypto.com, has launched ai.com, a platform enabling users to create personal AI agents for everyday digital tasks. The rollout marks Marszalek’s expansion beyond crypto infrastructure into autonomous AI systems.
The beta debut was promoted through a high-profile television commercial aired during Super Bowl 60 on NBC, leveraging one of the world’s largest broadcast audiences. Early access lets users reserve usernames while waiting for their customised AI agents to be deployed.
Marszalek said the long-term goal is a decentralised network of self-improving AI agents that handle email, scheduling, shopping, and travel planning. The initiative aims to accelerate the development of artificial general intelligence through distributed AI agent networks.
The launch arrives amid intensifying competition in the AI agent sector. Major tech firms are launching agent platforms and large ad campaigns, signalling rising commercial momentum behind autonomous digital assistants.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Quantum computing concerns around Bitcoin have resurfaced, yet analysis from CoinShares indicates the threat remains long-term. The report argues that quantum risk is an engineering challenge that gives Bitcoin ample time to adapt.
Bitcoin’s security relies on elliptic-curve cryptography. A sufficiently advanced quantum machine could, in theory, derive private keys using Shor’s algorithm, which requires millions of stable, error-corrected qubits, and remains far beyond current capability.
Network exposure is also limited. Roughly 1.6 million BTC is held in legacy addresses with visible public keys, yet only about 10,200 BTC is realistically targetable. Modern address formats further reduce the feasibility of attacks.
Debate continues over post-quantum upgrades, with researchers warning that premature changes could introduce new vulnerabilities. Market impact, for now, is viewed as minimal.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!
Chinese regulators have tightened controls on digital assets by banning the unauthorised issuance of yuan-pegged stablecoins overseas. The move extends existing restrictions to tokenised financial products linked to China’s currency and reinforces state control over monetary instruments.
In a joint notice, the People’s Bank of China and seven other agencies said no domestic or foreign entity may issue renminbi-linked stablecoins without approval. Authorities warned that such tokens replicate core monetary functions and could undermine currency sovereignty.
The rules also cover blockchain-based representations of real-world assets, including tokenised bonds and equities. Overseas providers are prohibited from offering these services to users in China without regulatory permission.
Beijing reaffirmed that cryptocurrencies such as Bitcoin and Ether have no legal tender status. Facilitating payments or related services using such assets remains illegal under China’s financial laws.
The measures align with China’s broader strategy of restricting private digital currencies while advancing the state-backed digital yuan. Officials have recently expanded the e-CNY’s role by allowing interest payments to encourage wider adoption.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
Betterment has confirmed a data breach affecting around 1.4 million customers after a January 2026 social engineering attack on a third-party platform. Attackers used the access to send fraudulent crypto scam messages posing as official promotions.
The breach occurred after an employee was tricked into sharing login credentials, allowing unauthorised access to internal messaging systems rather than core investment infrastructure. Attackers used the access to send messages promising to multiply cryptocurrency deposits sent to external wallets.
Subsequent forensic analysis and breach monitoring services confirmed that more than 1.4 million unique records were exposed. Betterment said investment accounts and login credentials were not compromised during the incident.
Exposed information included names, email addresses, phone numbers, physical addresses, dates of birth, job titles, location data, and device metadata. Security experts warn that such datasets can enable targeted phishing, identity fraud, and follow-on social engineering campaigns.
Betterment revoked access the same day, notified customers, and launched an external investigation. The breach was formally added to public exposure databases in early February, highlighting the growing risk of human-focused attacks against financial platforms.
Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!
