Hackers are using fake job offers from well-known crypto firms to trick victims into installing malware that grants them access to devices and wallets. According to blockchain expert Taylor Monahan, these scams begin with the hackers posing as recruiters offering high-paying roles, with salaries ranging from $200,000 to $350,000. Instead of sharing documents or software, victims are led through a series of steps to “fix” technical issues with their microphone and camera, which results in malware installation.
Monahan explained that the scam unfolds during lengthy interviews where the final step involves the victim being instructed to resolve an access issue. Following the given instructions prompts a fake browser update that compromises their system. The malware can provide attackers with backdoor access to steal crypto funds or cause other damage, and it works across Mac, Windows, and Linux platforms.
These fake recruiters approach victims on LinkedIn, freelancer platforms, and chat apps like Discord and Telegram, advertising roles at major crypto firms like Gemini and Kraken. Monahan advised those who suspect exposure to the malware to wipe their devices and urged everyone in the crypto space to remain vigilant against such tactics.
Hackers temporarily disrupted around ten official websites in Italy on Saturday, including those of the Foreign Ministry and Milan’s two airports, according to the country’s cybersecurity agency. The pro-Russian group Noname057(16) claimed responsibility on Telegram, describing the attack as a retaliation against what it called Italy’s ‘Russophobia.’
The attack, a Distributed Denial of Service (DDoS) operation, flooded networks with excessive data traffic, paralysing their functionality. Italy’s cybersecurity agency acted swiftly, mitigating the impact within two hours. A spokesperson confirmed that assistance was provided to affected institutions and companies.
Despite the disruptions, flights at Milan’s Linate and Malpensa airports were unaffected, and the airports’ mobile apps continued to operate normally, according to SEA, the company managing the airports. Authorities continue to investigate the incident, highlighting ongoing threats from cyber groups linked to geopolitical tensions.
President-elect Donald Trump has called on the US Supreme Court to postpone implementing a law that would ban TikTok or force its sale, arguing for time to seek a political resolution after taking office. The court will hear arguments on the case on 10 January, ahead of a 19 January deadline for TikTok’s Chinese owner, ByteDance, to sell the app or face a US ban.
The move marks a stark shift for Trump, who previously sought to block TikTok in 2020 over national security concerns tied to its Chinese ownership. Trump’s legal team emphasised that his request does not take a stance on the law’s merits but seeks to allow his incoming administration to explore alternatives. Trump has expressed a newfound appreciation for TikTok, citing its role in boosting his campaign visibility.
TikTok, with over 170 million US users, continues to challenge the legislation, asserting that its data and operations affecting US users are fully managed within the country. However, national security concerns persist, with the Justice Department and a coalition of attorneys general urging the Supreme Court to uphold the divest-or-ban mandate. The case highlights the growing debate between free speech advocates and national security interests in regulating digital platforms.
A power provider in Siberia’s Irkutsk region has been caught illegally leasing land to crypto miners, with the plot originally designated for public utilities. The Irkutsk Region Prosecutor-General’s Office announced that the unnamed power company had facilitated the establishment of a crypto mining farm, leading to a fine of 330 thousand rubles (approximately $3,120) and an ongoing administrative case against the firm.
This case highlights the ongoing issue of illegal crypto mining in Russia, particularly in Siberia, where miners are drawn to cheap electricity and low temperatures that reduce cooling costs. However, the increased demand for power has led to grid instability and power outages in the region, prompting Moscow to implement temporary mining bans in some areas. Despite these measures, illegal mining continues to thrive, especially in Irkutsk.
Other parts of Russia, like Tyumen and the Komi Republic, are emerging as alternative hotspots for crypto mining, with new facilities being developed to attract miners. In addition to these developments, Russia’s largest industrial mining firm, BitRiver, is building a new 100MW data centre in Buryatia, set to become the largest in the Far Eastern Federal District. These moves reflect the growing demand for crypto mining infrastructure across the country, despite the regulatory challenges.
The Diriyah Company has partnered with the Saudi Federation for Cybersecurity, Programming, and Drones (SAFCSP) to enhance the city’s digital security and align with the goals of Saudi Vision 2030. That collaboration aims to protect Diriyah’s digital infrastructure as it transforms into a cultural and heritage hub.
As part of the agreement, Diriyah Co. will join BugBounty, the Middle East’s first cybersecurity research platform, to identify and address software vulnerabilities. Additionally, the partnership includes initiatives such as conferences, workshops, and public awareness campaigns to foster a culture of cybersecurity.
To further strengthen capabilities, SAFCSP will provide Diriyah Co. access to its professional database for recruiting cybersecurity specialists. It will also offer specialised training programs to employees and identify top-performing students for advanced training opportunities.
The partnership supports innovation and collaboration across government and private sectors by integrating advanced cybersecurity measures and prioritising talent development. These efforts aim to create a secure and sustainable digital future for Diriyah, empowering the next generation with advanced technology and driving cultural, economic, and technological growth in line with Saudi Vision 2030.
Manually created Windows 11 installer media for October and November 2024 patches could leave systems unable to install future security updates. The issue impacts USB or CD installers for version 24H2 and may affect businesses, schools, and PC enthusiasts.
Microsoft clarified that systems receiving October and November updates via Windows Update or the Update Catalog remain unaffected. However, media-created installations require rebuilding with the December 2024 update, followed by a full reinstallation. Microsoft recommends ensuring December’s patch is included in new installation media.
The company acknowledged the issue on its known problems page and is actively developing a permanent fix. Other bugs in version 24H2 have also emerged, affecting audio devices, Outlook with outdated Google Workspace Sync, and certain Ubisoft games.
Indian tax authorities have uncovered a complex money laundering scheme involving hawala networks and cryptocurrency transactions in Jaipur. The investigation, triggered by raids on local wedding planners, led to the seizure of $2 million (₹20 crores) in cash and jewellery. Officials also recovered three crypto wallets linked to the operation, including one tied to a major global exchange.
The scheme involved clients making unreported cash payments exchanged for cryptocurrencies like Bitcoin and Tether through hawala operators in Gujarat and Rajasthan. Hawala, an illegal payment system, allows funds to be transferred abroad without moving money physically. Authorities believe the perpetrators exploited crypto exchanges with weak KYC policies or intermediaries to launder funds.
Records of these activities, including WhatsApp messages, emails, and spreadsheets, reveal the network extends beyond Jaipur to cities like Mumbai, Hyderabad, and Delhi. The operation also implicated resorts, hotels, and event service providers who accepted cash or bank payments. The tax department plans further raids across India to tackle tax evasion in the wedding and events industry.
OpenAI’s ChatGPT, Sora, and developer API experienced a significant outage on Thursday, disrupting services for over four hours. The issue began around 11 a.m. PT, with partial recovery reported by 2:05 p.m. PT. By 3:16 p.m. PT, OpenAI stated that Sora was operational, though ChatGPT users might still encounter issues accessing their chat history.
According to OpenAI’s status page, the outage was caused by one of their upstream providers, but the company did not provide further details. This marks the second major outage for OpenAI’s services in December. Two weeks ago, a similar incident attributed to a telemetry service malfunction resulted in a six-hour disruption, a notably longer downtime than usual.
Interestingly, popular platforms utilising OpenAI’s API, such as Perplexity and Siri’s Apple Intelligence integration, appeared unaffected during the outage, as confirmed by their status pages and independent testing. OpenAI is actively working to ensure full restoration of its services while addressing the root causes behind these recurring disruptions.
Elder fraud scams are becoming increasingly sophisticated, as illustrated by a recent case where an 82-year-old woman lost her life savings to criminals posing as the FBI. After depleting her accounts, the scammers coerced her into withdrawing funds via a Bitcoin machine and kept her isolated in a hotel under the guise of ‘protection.’ Despite her family’s intervention, the scammers struck again, convincing her to hand over $20,000 by exploiting false hopes of recovering a promised reward.
Elderly individuals are prime targets for such schemes, often due to their savings, trust in others, and unfamiliarity with modern technology. Fraudsters employ tactics like intimidation, urgency, and psychological manipulation to exploit their victims. According to recent statistics, seniors lose billions annually to scams, with the emotional toll leaving many feeling ashamed and fearful.
To combat these threats, experts recommend verifying unsolicited requests, limiting personal information sharing, using strong security measures, and reporting suspicious activity. Education and vigilance are key to protecting vulnerable individuals and ensuring scammers are outsmarted.
The UK government is intensifying efforts to safeguard children online, with new measures requiring social media platforms to implement robust age verification and protect young users from harmful content. Technology Secretary Peter Kyle highlighted the importance of ‘watertight’ systems, warning that companies failing to comply could face significant fines or even prison terms for executives.
The measures, part of the Online Safety Act passed in 2023, will see platforms penalised for failing to address issues such as bullying, violent content, and risky stunts. Ofcom, the UK‘s communications regulator, is set to outline further obligations in January, including stricter ID verification for adult-only apps.
Debate continues over the balance between safety and accessibility. While some advocate for bans similar to Australia‘s under-16 restrictions, teenagers consulted by Kyle emphasised the positive aspects of social media, including learning opportunities and community connections. Research into the impact of screen time on mental health is ongoing, with new findings expected next year.
