Russia’s central bank has announced plans to develop a new platform to curb illegal financial activities, including unregulated crypto-to-fiat over-the-counter services. Collaborating with Rosfinmonitoring and financial institutions, the initiative aims to track and block suspicious transactions while preventing misuse of banking systems.
The system focuses on individuals known as ‘droppers,’ who exploit bank accounts for illicit purposes such as money laundering, drug trade, and unregulated cryptocurrency exchanges. Currently, monitoring is limited to individual banks, making it challenging to prevent offenders from opening accounts elsewhere. A centralised database is expected to improve information sharing across all financial institutions.
The Bank of Russia has stressed the need for a solution that enforces regulations without causing unnecessary harm to law-abiding citizens. While the project is still in development, no official timeline for its launch has been provided.
Authorities in Thailand are taking steps to regulate bulk SIM card purchases to combat their misuse in scams targeting Thai citizens. The issue came to light following the police seizure of 200,000 prepaid SIM cards linked to a Chinese call center gang.
Currently, there are no restrictions on corporate bulk SIM purchases, aside from a rule requiring registration for users holding more than five numbers. The lack of oversight has enabled SIM cards to be used illegally, particularly near borders where foreign SIMs are common.
Many of these cards are intentionally registered without clear user identities or are misused in IoT devices, GPS trackers, or sold to tourists. To address these gaps, the Ministry of Digital Economy and Society has proposed legal reforms requiring mobile operators and banks to verify buyer identities and notify users of suspicious transactions.
Additionally, stricter regulations on SMS messages with embedded links are set to take effect next year. Inspired by policies in countries like Singapore and Australia, these reforms aim to enhance accountability and curb abuse.
The National Broadcasting and Telecommunications Commission (NBTC) emphasises a gradual approach to implementing these measures to minimise inconvenience for consumers and avoid disrupting legitimate business operations. While tackling the misuse of SIM cards, authorities aim to strike a balance between protecting the public and ensuring businesses can operate smoothly. This measured approach reflects the broader goal of preventing scams while maintaining economic and social stability.
Google contractors improving the Gemini AI model have been tasked with comparing its responses against those of Anthropic’s Claude, according to internal documents reviewed by TechCrunch. The evaluation process involves scoring responses on criteria such as truthfulness and verbosity, with contractors given up to 30 minutes per prompt to determine which model performs better. Notably, some outputs identify themselves as Claude, sparking questions about Google’s use of its competitor’s model.
Claude’s responses, known for emphasising safety, have sometimes refused to answer prompts deemed unsafe, unlike Gemini, which has faced criticism for safety violations. One such instance involved Gemini generating responses flagged for inappropriate content. Despite Google’s significant investment in Anthropic, Claude’s terms of service prohibit its use to train or build competing AI models without prior approval.
A spokesperson for Google DeepMind stated that while the company compares model outputs for evaluation purposes, it does not train Gemini using Anthropic models. Anthropic, however, declined to comment on whether Google had obtained permission to use Claude for these tests. Recent revelations also highlight contractor concerns over Gemini producing potentially inaccurate information on sensitive topics, including healthcare.
Greek authorities have made their first-ever cryptocurrency seizure, confiscating 273,000 USDT (Tether) as part of a criminal investigation. The operation, conducted in December, was carried out under the supervision of the Greek European Public Prosecutor’s Office and involved collaboration with various law enforcement departments, including the Digital Evidence Examination Department.
The seizure, which is part of the ongoing ‘Admiral’ operation, highlights the growing challenges law enforcement faces in dealing with advanced technologies like blockchain and cryptocurrencies. Cryptocurrencies, known for their anonymity and security features, are often used in criminal activities such as fraud and money laundering. Experts stress the need for precision and expertise in handling digital assets, as mistakes can lead to irreversible losses.
Crypto-related scams are becoming more common in Greece, with many victims falling prey to fraudulent schemes. As cryptocurrencies gain popularity, particularly with the rise of Bitcoin and NFTs, the lack of understanding among the public increases the risk of scams. Experts warn that technological advances in AI are making these scams harder to detect, even for experienced investors.
In addition to combating fraud, authorities are also focusing on the management of seized cryptocurrencies, with plans to convert them into funds for the state, similar to practices in other European countries.
The United Nations General Assembly has adopted a landmark treaty to combat cybercrime, marking the culmination of five years of negotiations. The UN Convention against Cybercrime is set to become the first global instrument for global efforts to combat cybercrime and enhance international cooperation and technical assistance.
The UN Office on Drugs and Crime (UNODC), which acted as secretariat throughout the negotiations, celebrated the treaty as a victory for global cooperation.
‘Adopting this landmark convention is a major victory for multilateralism, marking the first international anti-crime treaty in 20 years. It is a crucial step forward in our efforts to address crimes like online child sexual abuse, sophisticated online scams and money laundering,’ said UNODC Executive Director Ghada Waly.
The General Assembly adopted the resolution by consensus, underscoring widespread support. Negotiations included contributions from civil society, academia, and the private sector, ensuring the treaty reflects diverse perspectives. However, many non-state actors raisedconcerns about the latest draft.
The treaty will open for signature during a formal ceremony in Vietnam in 2025 and will enter into force 90 days after being ratified by at least 40 member states. In addition, UNODC will continue its role as the secretariat for the Ad Hoc Committee, which is tasked with drafting a supplementary protocol to the Convention and supporting the future Conference of States Parties.
For more details about the Convention and negotiations process, please follow the dedicated page.
A crafty new scam is ensnaring would-be crypto thieves by baiting them with fake wallet seed phrases. Cybersecurity experts at Kaspersky have revealed how scammers post these phrases in YouTube comments, claiming the wallets hold significant funds. The wallets, however, are traps designed to exploit anyone attempting to steal the assets.
One wallet discovered by Kaspersky analyst Mikhail Sytnik reportedly held $8,000 in USDT on the Tron network. A thief must send Tron (TRX) tokens to move the funds to cover transaction fees. Unbeknownst to them, the wallet is a multi-signature account, meaning the TRX sent for fees is instantly redirected to another wallet controlled by the scammers.
Sytnik described the scammers as “digital Robin Hoods” for targeting other opportunists. He advised people never to try accessing others’ wallets, even if given a seed phrase, and to remain cautious of strangers’ claims about cryptocurrency online.
This isn’t the first time fraudsters have exploited greed in the crypto space. In July, Kaspersky exposed a similar scam on Telegram, where users were tricked into downloading malware disguised as legitimate crypto tools, potentially compromising their devices and funds.
Marriott International and Starwood Hotels have been ordered to improve data security following multiple breaches impacting over 344 million customers. The Federal Trade Commission (FTC) finalised the order on Friday, citing inadequate security practices. Major breaches occurred in 2015, 2018, and 2020, exposing sensitive customer information, including passport details and payment data.
Hackers gained prolonged access to systems during the breaches, with one lasting four years undetected. The companies must now implement measures such as limiting data retention and providing US customers with a way to request the deletion of personal information tied to their accounts.
The FTC accused the hotel chains of misleading consumers with claims of robust data security while failing to address basic vulnerabilities like weak passwords and outdated software. The Connecticut Attorney General’s office also announced a $52 million settlement with Marriott on the same day.
Under the 20-year order, Marriott and Starwood must maintain compliance records, undergo inspections, and ensure transparency about their data handling practices. The ruling is part of broader efforts to hold businesses accountable for safeguarding customer information.
Officials from the United States and Israel have refuted claims of approving the sale of Israeli spyware firm Paragon to Florida-based AE Industrial Partners. Reports of the transaction surfaced in Israeli media, suggesting both governments had greenlit the deal, but US and Israeli representatives dismissed these assertions.
The White House clarified that the sale was a private transaction with no formal US approval, while Israel‘s Defence Ministry stated it was still evaluating the deal. Paragon, linked to former Israeli intelligence officers, has faced scrutiny in the US market, including a paused $2 million contract with ICE.
The alleged acquisition has drawn attention due to Paragon’s ties to national security and controversial surveillance software. Both AE and Paragon have not yet commented on the situation.
The United States has charged Rostislav Panev, a Russian-Israeli dual citizen, for his alleged role as a developer for the Lockbit ransomware group, which authorities describe as one of the world’s most destructive cybercrime operations. Panev, arrested in Israel in August, awaits extradition.
Lockbit, active since 2019, targeted over 2,500 victims across 120 countries, including critical infrastructure and businesses, extorting $500 million. Recent arrests, guilty pleas, and international law enforcement efforts have significantly disrupted the group’s activities.
Experts say law enforcement actions have tarnished Lockbit’s reputation, reducing its attacks and deterring affiliates. Authorities emphasise the importance of holding cybercriminals accountable.
NETSCOUT SYSTEMS announced significant updates to its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection solution. These enhancements are designed to address the growing threats of AI-enabled DDoS attacks, which have surged in sophistication and frequency.
Application-layer and volumetric attacks have increased by 43% and 30%, respectively, with DDoS-for-hire services making attacks easier to execute. To combat these evolving threats, NETSCOUT leverages AI and machine learning (ML) within its ATLAS Threat Intelligence system, which monitors over 550 Tbps of real-time internet traffic across 500 ISPs and 2,000 enterprise sites worldwide.
The AI/ML-powered solution enables dynamic threat identification and mitigation, creating a scalable, proactive defence mechanism. The updated AED and AEM products automate a closed-loop DDoS attack detection and mitigation process, providing real-time protection by adapting to changing attack vectors and applying mitigation recommendations automatically.
NETSCOUT’s solution also offers comprehensive protection across hybrid IT environments, including on-premise infrastructure, private data centres, and public cloud platforms like AWS and Microsoft Azure, with enhancements such as 200 Gbps mitigation capacity, high-performance decryption, and visibility into non-DDoS threats.
By minimising downtime and safeguarding business-critical services, NETSCOUT’s Adaptive DDoS Protection reduces business risks and protects productivity and reputation. As the threat landscape continues to evolve, organisations can rely on NETSCOUT’s innovative technology to stay ahead of attackers and maintain IT resilience. Industry experts and agencies like the Cybersecurity & Infrastructure Security Agency (CISA) highlight the need for adaptive cybersecurity measures. NETSCOUT’s AI/ML-driven solutions meet these demands by offering robust, future-proof protection for critical IT infrastructure.
