North Korea’s BlueNoroff uses deepfakes in Zoom calls to hack crypto workers

The North Korea-linked threat group BlueNoroff has been caught deploying deepfake Zoom meetings to target an employee at a cryptocurrency foundation, aiming to install malware on macOS systems.

According to cybersecurity firm Huntress, the attack began through a Telegram message that redirected the victim to a fake Zoom site. Over several weeks, the employee was lured into a group video call featuring AI-generated replicas of company executives.

When the employee encountered microphone issues during the meeting, the fake participants instructed them to download a Zoom extension, which instead executed a malicious AppleScript.

The script covertly fetched multiple payloads, installed Rosetta 2, and prompted for the system password while wiping command histories to hide forensic traces. Eight malicious binaries were uncovered on the compromised machine, including keyloggers, information stealers, and remote access tools.

BlueNoroff, also known as APT38 and part of the Lazarus Group, has a track record of targeting financial and blockchain organisations for monetary gain. The group’s past operations include the Bybit and Axie Infinity breaches.

Their campaigns often combine deep social engineering with sophisticated multi-stage malware tailored for macOS, with new tactics now mimicking audio and camera malfunctions to trick remote workers.

Cybersecurity analysts have noted that BlueNoroff has fractured into subgroups like TraderTraitor and CryptoCore, specialising in cryptocurrency theft.

Recent offshoot campaigns involve fake job interview portals and dual-platform malware, such as the Python-based PylangGhost and GolangGhost trojans, which harvest sensitive data from victims across operating systems.

The attackers have impersonated firms like Coinbase and Uniswap, mainly targeting users in India.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Massive data leak exposes 16 billion login credentials from Google, Facebook, and more

One of the largest-ever leaks of stolen login data has come to light, exposing more than 16 billion records across widely used services, including Facebook, Google, Telegram, and GitHub. The breach, uncovered by researchers at Cybernews, highlights a growing threat to individuals and organisations.

The exposed data reportedly originated from info stealer malware, previous leaks, and credential-stuffing tools. A total of 30 separate datasets were identified, some containing over 3.5 billion entries.

These were briefly available online due to unsecured cloud storage before being removed. Despite the swift takedown, the data had already been collected and analysed.

Experts have warned that the breach could lead to identity theft, phishing, and account takeovers. Smaller websites and users with poor cybersecurity practices are especially vulnerable. Many users continue to reuse passwords or minor variations of them, increasing the risk of exploitation.

While the leak is severe, users employing two-factor authentication (2FA), password managers, or passkeys are less likely to be affected.

Passkeys, increasingly adopted by companies like Google and Apple, offer a phishing-resistant login method that bypasses the need for passwords altogether.

Washington city orders removal of crypto ATMs over rising scams 

The Spokane City Council in Washington State has unanimously voted to ban virtual currency kiosks across the city, including crypto ATMs. The ordinance targets approximately 50 machines found at convenience stores, gas stations, and major retailers such as Safeway and Walgreens.

Operators must remove their kiosks within 60 days or risk fines and potential loss of business licences.

Council members highlighted the growing threat these kiosks pose to vulnerable residents, particularly seniors, who have fallen victim to scams. Council Member Paul Dillon described the machines as ‘preferred tools’ for fraudsters exploiting the decentralised nature of cryptocurrency and limited tracking options for stolen funds.

The council initially sought state-level regulation, but after legislative delays, Spokane chose local action to address the issue.

The FBI estimates $5.6 billion of the $6.5 billion lost nationwide to fraud, scams, and extortion in 2023 involved crypto kiosks. Seniors accounted for nearly half of these losses despite being a smaller percentage of the population.

Spokane Police Detective Tim Schwering reported numerous cases where victims were deceived into buying crypto through kiosks after being contacted by scammers impersonating law enforcement or tax officials. Tragically, several local suicides have been linked to these scams.

France 24 partners with Mediagenix to streamline on-demand programming

Mediagenix has entered a collaboration with French international broadcaster France 24, operated by France Médias Monde, to support its content scheduling modernisation programme.

As part of the upgrade, France 24 will adopt Mediagenix’s AI-powered, cloud-based scheduling solution to manage content across its on-demand platforms. The system promises improved operational flexibility, enabling rapid adjustments to programming in response to major events and shifting editorial priorities.

Pamela David, Engineering Manager for TV and Systems Integration at France Médias Monde, said: ‘This partnership with Mediagenix is a critical part of equipping our France 24 channels with the best scheduling and content management solutions.’

‘The system gives our staff the ultimate flexibility to adjust schedules as major events happen and react to changing news priorities.’

Françoise Semin, Chief Commercial Officer at Mediagenix, added: ‘France Médias Monde is a truly global broadcaster. We are delighted to support France 24’s evolving scheduling needs with our award-winning solution.’

Training for France 24 staff will be provided by Lapins Bleus Formation, based in Paris, ahead of the system’s planned rollout next year.

GENIUS Act clears path for bank-run blockchains

The Genius Act brings regulatory clarity, and Alchemy’s CTO Guillaume Poncin expects banks will soon issue stablecoins and operate their own blockchains as standard practice.

Poncin explains that banks stand to gain significant revenue by issuing stablecoins, retaining control over transactions and customer relationships. Clients will benefit from faster, 24/7 settlements with the security and protections associated with traditional banking.

Meanwhile, established stablecoin issuers such as Circle and Tether will continue to focus on crypto-native applications and international transfers, allowing banks to concentrate on institutional and corporate uses.

Banks are expected to utilise a combination of Layer 1 and Layer 2 blockchain networks. While Layer 1 offers maximum security for large transactions, Layer 2 provides scalable, cost-efficient solutions ideal for retail payments.

Ethereum’s Layer 2 ecosystems, secured by the mainnet, present flexible options for banks to meet compliance and performance needs. Interoperability between banks’ blockchains is a priority, with emerging protocols promising trustless and instant cross-chain settlements.

Following regulatory progress, many top banks are now actively pursuing stablecoin issuance, signalling rapid adoption in the near future.

Ohio backs tax-free Bitcoin for everyday use

Ohio has passed a new bill that would make small Bitcoin transactions tax-free, positioning the state at the forefront of crypto adoption efforts in the US. The Ohio Blockchain Basics Act exempts Bitcoin payments under $200 from state capital gains tax, easing everyday crypto use.

The bill received overwhelming bipartisan support in the House, passing with a 68–26 vote. In addition to the tax exemption, it reinforces the right to self-custody and run Bitcoin nodes, which are vital to maintaining decentralised networks.

Advocates, including the Satoshi Action Fund, have called it one of the most robust Bitcoin rights bills to date.

HB 116 will now move to the Ohio Senate, and if approved, will require final confirmation from the Governor. The strong backing in the House has increased expectations for it to become law soon.

Ohio’s move follows similar efforts in states like Texas and Florida, which are exploring Strategic Bitcoin Reserves. Lawmakers across the country are ramping up pro-Bitcoin initiatives, reflecting broader national momentum in support of cryptocurrency-friendly regulation.

Sam Altman claims OpenAI team rejecting Meta’s mega offers

Meta is intensifying efforts to recruit AI talent from OpenAI by offering signing bonuses worth up to $100 million and multi-million-pound annual salaries. However, OpenAI CEO Sam Altman claims none of the company’s top researchers have accepted the offers.

Speaking on the Uncapped podcast, Altman said Meta had approached his team with ‘giant offers’, but OpenAI’s researchers stayed loyal, believing the company has a better chance of achieving superintelligence—AI that surpasses human capabilities.

OpenAI, where the average employee reportedly earns around $1.13 million a year, fosters a mission-driven culture focused on building AI for the benefit of humanity, Altman said.

Meta, meanwhile, is assembling a 50-person Superintelligence Lab, with CEO Mark Zuckerberg personally overseeing recruitment. Bloomberg reported that offers from Meta have reached seven to nine figures in total compensation.

Despite the aggressive approach, Meta appears to be losing some of its own researchers to rivals. VC principal Deedy Das recently said Meta lost three AI researchers to OpenAI and Anthropic, even after offering over $2 million annually.

In a bid to acquire more talent, Meta has also invested $14.3 billion in Scale AI, securing a 49% stake and bringing CEO Alexandr Wang into its Superintelligence Lab leadership.

Meta says its AI assistant now reaches one billion monthly users, while OpenAI reports 500 million weekly active users globally.

China pushes global use of digital yuan

China has reaffirmed its ambition to expand the use of its central bank digital currency, the digital yuan, beyond domestic borders. People’s Bank of China chief Pan Gongsheng said the country is committed to advancing the e-CNY to challenge US dollar dominance.

Speaking at the Lujiazui Forum, Pan confirmed the launch of an international operations centre for the digital yuan in Shanghai. He said China seeks a ‘multipolar’ global financial system, reducing reliance on a few major currencies such as the US dollar and the euro.

Pan also warned that traditional cross-border payment systems are increasingly exposed to geopolitical risk and can be weaponised through unilateral sanctions. China believes that digital currencies like the e-CNY offer a more stable and neutral alternative in such a landscape.

Despite the growing popularity of stablecoins for cross-border transactions, China remains focused on building a state-controlled digital currency.

Iran enforces crypto exchange curfew after Nobitex breach

Iran’s central bank has imposed strict operating hours on domestic crypto exchanges following a massive $100 million hack on Nobitex, the country’s largest digital asset platform. The move comes amid accusations that the incident was politically motivated.

According to blockchain analytics firm Chainalysis, exchanges in Iran are now required to operate between 10 am and 8 pm only. Analysts believe the curfew is aimed at improving monitoring capabilities and limiting capital flight during heightened Iran-Israel hostilities.

Andrew Fierman, head of national security intelligence at Chainalysis, suggested the decision was both a technical response to the hack and a strategic move to maintain tighter control over outflows.

The cyberattack, allegedly orchestrated by pro-Israel group Predatory Sparrow, targeted Nobitex’s internal systems, draining hot wallets of Bitcoin, Ether, Dogecoin, XRP, and Solana.

Cybersecurity experts say the stolen assets were transferred to burner wallets without access keys, effectively destroying them in a rare politically charged crypto burn. Nobitex stated it has isolated its systems and will compensate users using its reserve fund.

Nobitex plays a crucial role in Iran’s crypto economy, having processed over $11 billion in inflows, far outpacing all other domestic exchanges. Chainalysis notes the platform also has ties to sanctioned entities and terrorist-linked groups.

The incident is one in a series of recent cyberattacks on Iranian infrastructure, suggesting a growing digital front in the long-standing Iran-Israel conflict.

AI diplomacy enters the spotlight with Gulf region partnerships

In a groundbreaking shift in global diplomacy, recent US-brokered AI partnerships in the Gulf region have propelled AI to the centre of international strategy. As highlighted by Slobodan Kovrlija, this development transforms the Gulf into a key AI hub, alongside the US and China.

Countries like Saudi Arabia, the UAE, and Qatar are investing heavily in AI infrastructure—from quantum computing to sprawling data centres—as part of a calculated effort to integrate more deeply into a US-led technological sphere and counter China’s Digital Silk Road ambitions. That movement is already reshaping global dynamics.

China is racing to deepen its AI alliances with developing nations, while Russia is leveraging the expanded BRICS bloc to build alternative AI systems and promote its AI Code of Ethics. On the other hand, Europe is stepping up efforts to internationalise its ‘human-centric AI’ regulatory approach under the EU AI Act.

These divergent paths underscore how AI capabilities are now as essential to diplomacy as traditional military or economic tools, forming emerging ‘AI blocs’ that may redefine geopolitics for decades. Kovrlija emphasises that AI diplomacy is no longer a theoretical concept but a practical necessity.

Being a technological front-runner now means possessing enhanced diplomatic influence, with partnerships based on AI potentially replacing older alliance models. However, this new terrain also presents serious challenges, such as ensuring ethical standards, data privacy, and equitable access. The Gulf deals, while strategic, also open a space for joint efforts in responsible AI governance.

Why does it matter?

As the era of AI diplomacy dawns, institutions like Diplo are stepping in to prepare diplomats for this rapidly evolving landscape. Kovrlija concludes that understanding and engaging with AI diplomacy is now essential for any nation wishing to maintain its relevance and influence in global affairs.
