Encryption

Metaplanet’s Bitcoin stash exceeds $700 million

Japanese investment firm Metaplanet now holds 6,796 BTC, worth approximately $707 million, surpassing El Salvador in Bitcoin holdings. On 12 May, the firm added 1,241 BTC, investing $129 million at current prices.

Metaplanet, which began its Bitcoin strategy in April 2024, has aggressively increased its holdings, with purchases of over 37,000 BTC in recent months. It is now the largest Bitcoin holder in Asia and the tenth largest globally.

Despite the massive acquisitions, the firm’s Bitcoin yield has surged, with a 95.6% yield in Q1 2025. El Salvador, holding 6,714 BTC, remains a significant player but is now outpaced by the Japanese firm.

Meanwhile, Michael Saylor hinted at another Bitcoin purchase for Strategy, which holds 555,450 BTC, valued at $57.8 billion.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Cybercriminals trick users with fake AI apps

Cybercriminals are tricking users into downloading a dangerous new malware called Noodlophile by disguising it as AI software. Rather than using typical phishing tactics, attackers create convincing fake platforms that appear to offer AI-powered tools for editing videos or images.

These are promoted through realistic-looking Facebook groups and viral social media posts, some of which have received over 62,000 views.

Users are lured with promises of AI-generated content and are directed to bogus sites, one of which pretends to be CapCut AI, offering video editing features. Once users upload prompts and attempt to download the content, they unknowingly receive a malicious ZIP file.

Inside, it is a disguised program that kicks off a chain of infections, eventually installing the Noodlophile malware. However, this software can steal browser credentials, crypto wallet details, and other sensitive data.

The malware is linked to a Vietnamese developer who identifies themselves as a ‘passionate Malware Developer’ on GitHub. Vietnam has a known history of cybercrime activity targeting social media platforms like Facebook.

In some cases, the Noodlophile Stealer has been bundled with remote access tools like XWorm, which allow attackers to maintain long-term control over victims’ systems.

This isn’t the first time attackers have used public interest in AI for malicious purposes. Meta removed over 1,000 dangerous links in 2023 that exploited ChatGPT’s popularity to spread malware.

Meanwhile, cybersecurity experts at CYFIRMA have reported another threat: a new, simple yet effective malware called PupkinStealer, which secretly sends stolen information to hackers using Telegram bots.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Vitalik Buterin proposes simplifying Ethereum to boost developer adoption

Vitalik Buterin, co-founder of Ethereum, plans to simplify the blockchain to boost developer adoption and enhance scalability. Buterin aims to simplify Ethereum infrastructure, making it more accessible and reducing the cost.

In his proposal, Buterin draws comparisons to Bitcoin. He argues that simplifying Ethereum could promote growth and make the platform more user-friendly, similar to Bitcoin’s model.

Buterin’s proposal includes setting a maximum code line target to streamline Ethereum’s development. He believes that by simplifying the codebase, Ethereum can attract more developers and enhance overall performance.

His long-term goal is for Ethereum to rival Bitcoin within five years, despite the current low ETH/BTC ratio. Despite criticism of Ethereum’s Proof-of-Stake shift for centralisation, Buterin sees simplification as a move towards greater decentralisation.

The price of Ethereum has been steadily rising, supported by strong technical indicators. Despite institutional caution towards altcoins, Ethereum continues to lead in the tokenisation of real-world assets.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

€34 million in crypto seized from eXch for facilitating money laundering

German authorities have seized cryptocurrency and server infrastructure worth €34 million ($37.4 million) from the now-defunct eXch crypto exchange. Prosecutors allege the platform operated without proper licences, facilitating money laundering for North Korean hackers involved in the Bybit hack.

The exchange reportedly processed transactions without implementing necessary anti-money laundering controls, attracting criminals seeking to launder stolen funds.

Authorities also claim that eXch was involved in laundering millions from multiple high-profile crypto thefts, including the $1.4 billion Bybit hack. The exchange’s services were available on both the clearnet and the darknet, and advertised on underground criminal platforms.

In addition to cryptocurrency holdings, the confiscated assets include server hardware and other digital infrastructure linked to the exchange’s operations.

While eXch announced its closure last month, blockchain analytics firm TRM Labs suggested that it continued operating. The exchange’s involvement in illicit activities, including refusal to block addresses linked to phishing schemes, has sparked further scrutiny.

As Germany prepares to discuss North Korean crypto hacks at the G7 summit, these latest developments are likely to be high on the agenda.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

McGregor proposes Bitcoin reserve in Irish presidential campaign

Conor McGregor has proposed the creation of a national Bitcoin reserve for Ireland, calling it a move to return financial power to the people.

The former UFC champion announced his independent candidacy for president in March. He shared the Bitcoin proposal in a post on X, linking it to crypto’s core values of decentralisation and empowerment.

His proposal comes during a sharp upswing in the Bitcoin market, with the cryptocurrency recently surging to over $104,000. McGregor aims to host a public X Spaces discussion, inviting major Bitcoin figures to help shape the plan.

Crypto influencers Anthony Pompliano and David Bailey have already shown interest, and McGregor responded positively to their involvement.

Despite the bold idea, the path forward is uncertain. Ireland has never explored a sovereign Bitcoin reserve, and implementing such a strategy could face political and regulatory resistance.

McGregor’s credibility in the crypto space is also under scrutiny. His previous blockchain venture, REAL, collapsed after failing to meet its funding goal and was forced to refund investors. Legal challenges, including an appeal against a civil assault conviction, further complicate his campaign.

Bitcoin, meanwhile, is holding above $103,000 after peaking at $104,765. However, momentum is weakening, with RSI and MACD indicators suggesting reduced buying pressure. If the price drops below $103,000, further downside may follow. For now, traders are watching key support levels closely.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

LockBit ransomware hacked, data on affiliates leaked

Internal data from the notorious LockBit ransomware group has been leaked following a hack of one of its administration panels. Over 200 conversations between affiliates and victims were also uncovered, revealing aggressive ransom tactics ranging from demands of a few thousand to over $100,000.

The breach, discovered on 7 May, exposed sensitive information including private chats with victims, affiliate account details, Bitcoin wallet addresses, and insights into LockBit’s infrastructure.

A defaced message on the group’s domain read: ‘Don’t do crime, crime is bad xoxo from Prague,’ linking to a downloadable archive of the stolen data. Although LockBit confirmed the breach, it downplayed its impact and denied that any victim decryptors were compromised.

Security researchers believe the leak could provide crucial intelligence for law enforcement. Searchlight Cyber identified 76 user credentials, 22 of which include TOX messaging IDs, commonly used by hackers and connected some users to aliases on criminal forums.

Speculation suggests the hack may be the result of infighting within the cybercriminal community, echoing a recent attack on the Everest ransomware group’s site. Authorities continue to pursue LockBit, but the group remains active despite previous takedowns.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

China’s quantum breakthroughs push urgent need for post-quantum security

The global cybersecurity community faces a ticking clock. China’s rapid advances in quantum computing, combined with insufficient global investment in quantum-safe cryptography, have placed Chief Information Security Officers (CISOs) at a critical crossroads.

With an estimated remediation timeline of seven years for most organisations, experts warn that critical systems are already at risk of future quantum attacks.

Quantum computing’s potential is often likened to a ‘Quantum Key’ capable of simultaneously testing every possible lock combination—effectively rendering today’s encryption obsolete.

If realised, such capabilities could expose every encrypted email, financial transaction, and state secret currently thought to be secure.

A 2024 report from the Global Risk Institute estimated a 5–14% chance that RSA-2048 encryption could be broken by 2029, rising to 19–34% by 2034. Those estimates, however, may already be outdated.

In early 2025, Chinese researchers unveiled breakthroughs in photonic quantum chips and a 72-qubit quantum processor named ‘Origin Wukong,’ capable of fine-tuning billion-parameter AI models. Earlier, in October 2024, Chinese scientists published a method for breaking RSA encryption.

With China reportedly investing $10–15 billion in quantum development—vastly outpacing the US, EU, and Microsoft’s combined commitments—there are growing fears that the West is losing the quantum arms race.

The geopolitical consequences of quantum dominance could be immediate and devastating. From unlocking encrypted communications to enabling undetectable weapons systems, a lead in quantum technology may deliver military and economic supremacy

The ‘harvest now, decrypt later’ strategy—where sensitive data is collected now to be decrypted when quantum computing is mature—presents an especially urgent concern for governments, banks, and healthcare providers.

Despite the looming threat, many organisations are underprepared. The long remediation period—estimated at over seven years for full transition—means that even proactive companies are not immune to future breaches.

The National Institute of Standards and Technology (NIST) has recommended the ML-KEM algorithm for post-quantum cryptography, with the HQC algorithm selected as a backup.

In contrast, China launched its own national cryptographic competition (NGCC) in early 2025, signalling distrust of foreign standards and intent to develop domestic alternatives.

To prepare for a post-quantum world, organisations should act now:

  • Conduct discovery: Identify systems reliant on RSA or ECC encryption, and catalogue keys based on risk.
  • Engage vendors: Ask suppliers about their post-quantum transition plans and expected compliance timelines.
  • Build a team: Assemble a multidisciplinary group including cryptography specialists, project managers, architects, and change leaders to lead a 5–7 year remediation program.

The systems most vulnerable to quantum threats include public-key cryptography (RSA, ECC), SSL/TLS protocols, secure messaging platforms, and cryptocurrency infrastructure.

By contrast, legacy and non-networked systems without encryption are generally considered low risk.

While some may compare this to the Y2K scare, there’s a critical difference: Y2K had a known deadline. The quantum threat has no set arrival date.

As with a surprise exam, unpreparedness can be far more dangerous. Still, the transition will likely unfold gradually rather than overnight, giving early movers a significant advantage.

The message is clear: the time to begin migrating to quantum-resistant cryptography is now. The future of national security, economic stability, and digital privacy may well depend on who gets there first.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Changpeng Zhao applies for presidential pardon after legal settlement

Changpeng Zhao, founder and former CEO of Binance, has confirmed he formally applied for a presidential pardon after previously denying media reports about it.

In an interview on Farokh Radio on 6 May, Zhao revealed his legal team filed the request following intense media speculation. He mentioned that after reports from Bloomberg and The Wall Street Journal linked him to a pardon, he decided to officially apply.

Zhao cited US President Donald Trump’s pardons of three BitMEX executives as a key motivator behind his decision. In November 2023, Zhao pleaded guilty to violating the Bank Secrecy Act.

It resulted in Binance paying a $4.3 billion fine, with Zhao personally contributing $50 million. He was sentenced to four months in prison and barred from holding a management position at Binance.

Though a pardon would not erase his conviction, it could potentially clear the way for Zhao to return to leadership at Binance.US. However, Zhao, who stepped down as CEO and served his sentence, has said he has no intention of returning to the company’s helm.

He now focuses on advisory roles, helping countries like Pakistan and Kyrgyzstan with crypto regulation.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Insider trades suspected before MELANIA token launch

A Financial Times investigation has revealed that select wallets bought millions of dollars’ worth of the MELANIA memecoin just minutes before its public launch. These early trades generated nearly $100 million in profits, raising concerns over transparency and potential insider activity.

The MELANIA token, launched on 19 January 2025, was promoted by Melania Trump only two days after the Official Trump token debuted.

Both Solana-based memecoins have faced heavy criticism for lacking utility and appearing more like speculative assets. One wallet alone made over $39 million within 12 hours of launch, having invested just before the token was publicly announced.

Despite the apparent unfair advantage, such actions remain legal under current US regulations, as memecoins are not classified as securities. Still, blockchain analysts have linked MELANIA’s team to other memecoin sniping and pump-and-dump schemes.

Meanwhile, the Official Trump token, run by a separate team, has generated over $1.1 billion in profits, primarily benefiting a small group of large holders.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

New EU regulation to track crypto transfers and ban privacy coins

The European Union is set to introduce new measures under its Anti-Money Laundering Regulation (AMLR) to track cryptocurrency transfers. The EU aims to gather data on both senders and recipients of funds, expanding transparency within crypto-asset service providers.

From 1 July 2027, cryptocurrency exchanges and custodial services will be prohibited from dealing with anonymous wallets and privacy coins. The regulation also mandates ‘intrusive checks’ for self-hosted wallets, requiring verification for transactions over €1,000.

However, this move has sparked concerns within the cryptocurrency industry, with critics arguing that it could limit privacy and push the sector into less transparent markets.

Monero developer Riccardo Spagni and other industry figures fear the regulations could drive privacy-focused firms to relocate to jurisdictions that support privacy rights.

They warn that the EU’s approach could hinder innovation and push parts of the crypto economy into the black market.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot