cybersecurity

​У результаті скоординованої міжнародної спецоперації правоохоронні органи Німеччини (BKA) та Швейцарії завдали нищівного удару по тіньовій економіці даркнету. Їм вдалося заблокувати інфраструктуру та вилучити сервери сумнозвісного сервісу Cryptomixer.
​Ця платформа тривалий час була ключовим інструментом для кіберзлочинців з усього світу. Міксер дозволяв "відмивати" цифрові активи, отримані незаконним шляхом — наприклад, внаслідок атак програм-вимагачів, фішингу або торгівлі наркотиками. Технологія змішування транзакцій ускладнювала відстеження кінцевих бенефіціарів брудних грошей.
​За попередніми даними, через Cryptomixer пройшли криптовалюти на десятки мільйонів доларів. Вилучення серверів дало слідчим доступ до цінної інформації про користувачів та транзакції, що обіцяє нову хвилю викриттів. Ця операція є чітким сигналом: анонімність у блокчейні не є абсолютною, а міжнародна співпраця силовиків стає дедалі ефективнішою у боротьбі з криптозлочинами.
​Хочете першими дізнаватися про гучні викриття, регулювання ринку та важливі новини індустрії? Підписуйтесь на наш тег #MiningUpdates !

#CryptoNews #CyberSecurity #MoneyLaundering #CryptoMixers #Bitcoin #BlockchainForensics #Regulation #Germany #Switzerland #CryptoCrime #Darknet

​Інтерпол офіційно визнав криптошахрайство глобальною злочинною загрозою, що свідчить про критичний масштаб проблеми у сучасну цифрову епоху. Це рішення підкреслює факт, що злочини з використанням віртуальних активів вже давно вийшли за межі національних кордонів, створюючи безпрецедентні виклики для правоохоронних систем усього світу.
​Зловмисники активно використовують анонімність, швидкість транзакцій та відсутність єдиного регулювання для відмивання грошей, створення складних фінансових пірамід та масштабних крадіжок активів. Оскільки ці схеми стають дедалі витонченішими, окремим країнам вкрай важко їм протистояти самотужки. Інтерпол наголошує на нагальній потребі посилення міжнародної співпраці, миттєвого обміну розвідувальними даними та гармонізації законодавства для ефективної боротьби з цим видом кіберзлочинності.
​Для інвесторів та користувачів ця заява є серйозним сигналом: ринок криптовалют залишається зоною підвищеного ризику, де пильність та критичне мислення є головними інструментами захисту власних коштів.
​Щоб залишатися в курсі найважливіших новин криптосвіту та питань безпеки, обов'язково підписуйтесь на наш тег #MiningUpdates !

#interpol #CryptoCrime #CyberSecurity #GlobalThreat #cryptocurrency #FinCrime #BlockchainNews #AntiMoneyLaundering

📅 November 28 | Seoul, South Korea
The crypto ecosystem is shaking strongly again. Upbit, one of the largest and highest volume exchanges in all of Asia, confirmed after an emergency audit that the recent $30 million hack revealed a much more dangerous flaw than previously thought: a technical error within its infrastructure that may have inadvertently exposed private keys.

📖Upbit confirmed that a malicious actor had managed to drain approximately $30 million in assets after breaching a specific set of hot wallets. The company publicly assured that losses would be fully covered and that its operating infrastructure remained stable, but internal investigators insisted that something was not right.
The attack pattern did not match common phishing techniques or direct system compromises, which led to the activation of an emergency technical audit executed by multiple firms specialized in cybersecurity and on-chain analysis.
According to The Block, it was that audit that uncovered the most alarming point: an internal flaw in the key rotation system that, under certain extremely specific circumstances, could have leaked sensitive elements of the private key generation and storage process.
Although there is no evidence that the attackers have fully exploited this flaw, the mere possibility completely redefines the severity of the incident. The audit describes the flaw as “potentially critical” and “highly dangerous” if combined with unauthorized access or internal compromises.
The researchers also concluded that the bug was present for a limited period, but long enough for a sophisticated attacker to detect anomalies within the signature stream. The $30 million exploit could have just been a side effect of a much deeper vulnerability.
Furthermore, it warns that this flaw, if not discovered in time, could have allowed access to multiple institutional and user wallets, which would have caused multimillion-dollar losses that were impossible to cover. This discovery set off all the alarms within the exchange and it is now in the process of total repair.
Upbit reported that it has already isolated all affected systems, activated a complete key regeneration protocol, redesigned internal custody processes and is working with Korean authorities to document every detail of the attack.
It was also announced that a full technical report will be published in the coming days so that the community, third-party auditors, and other exchanges can assess the vulnerability and harden their own systems. The priority now is to avoid any residual risk and restore market confidence at an especially sensitive time, considering the increase in hacks in Asia in recent months.
Users, analysts and cybersecurity experts agree that this incident sets a disturbing precedent: if an exchange as large as Upbit had a flaw capable of compromising private keys, how many systems could still be exposed without knowing it?

Topic Opinion:
I think the fact that an exchange the size of Upbit faced a vulnerability of this caliber shows how critical it is to strengthen custody systems even on high-end platforms. While Upbit acted quickly and responsibly, the industry as a whole must take this case as a precedent that calls for greater transparency, constant audits, and much stricter standards.
💬 Do you think this incident will forever change the perception of security in exchanges?

Leave your comment...
#Upbit #cryptohacks #CryptoSecurity #CyberSecurity #CryptoNews $ETH

Interpol has adopted a new resolution at its General Assembly in Marrakesh, declaring so-called fraud compounds—large criminal networks built on human trafficking and forced labor—as a major transnational threat. These organizations operate across multiple countries and rely on coerced workers to run online scams, including cryptocurrency-related fraud.

A New Criminal Model: Fraud Compounds Function as a Global Industry
Member states of the International Criminal Police Organization approved the resolution, noting that fraud compounds have evolved into a highly organized, cross-border criminal industry targeting victims in more than 60 countries.
According to Interpol, criminal groups lure people with fake job offers abroad. Once the victims arrive, their documents are confiscated, they are taken to guarded compounds, and forced to work on illegal operations ranging from online investment scams to crypto fraud schemes.
Evidence shows that many victims suffer:
physical abusepsychological coercionsexual violencerestrictions on movement
These networks use advanced tools, including voice-phishing, romance scams, fake investment platforms and cryptocurrency fraud, to exploit victims worldwide.

Southeast Asia as the Epicenter — with Expansion to Other Regions
Interpol reports that fraud compounds have expanded rapidly across Southeast Asia.

Major hubs have emerged in Myanmar, Cambodia and Laos, where large volumes of human trafficking and online fraud have been uncovered.
Criminal activity has also been detected in:
parts of RussiaColombiaEast African coastal nationsthe United Kingdom
U.S. authorities have recently imposed sanctions on several entities in Myanmar and Cambodia for operating scam platforms that targeted citizens across multiple countries.
Losses linked to these operations are estimated at around $10 billion, according to the U.S. Treasury.

Interpol Warns: Crypto Networks Used to Mask Illegal Financial Flows
Fraud networks increasingly rely on cryptocurrencies to hide their financial transactions.
One of the largest documented cases involved an online marketplace operated by the Cambodian conglomerate Huione Group, which processed crypto transactions exceeding $11 billion tied to scam operations.

The group later faced sanctions for allegedly laundering more than $4 billion in illicit funds.
Such networks also intersect with other criminal markets, including drugs, weapons, illegal gambling and wildlife trafficking, making them extremely difficult to dismantle.

South Korea Proposes Strategy: Real-Time Intelligence Sharing and Joint Operations
South Korea submitted a detailed proposal urging Interpol members to adopt a unified international strategy based on:
real-time intelligence sharingmapping the main operational hubs and methodscoordinated crackdowns on criminal financingstandardized procedures for locating and rescuing victimsexpanded support for survivorsglobal awareness campaigns targeting at-risk groups, including youth and job seekers
The goal is to create a coordinated framework that enables direct action against these networks and breaks their financial infrastructure.

Interpol Expands Global Operations: Significant Outcomes in 2024
In 2024, Interpol expanded its international operations to 116 countries, resulting in 2,500 arrests and several major actions in Africa and Europe.
These efforts build on previous alerts:
2022: Purple Notice on emerging forms of human trafficking2023: Orange Notice outlining methods used to coerce and exploit victims
Secretary General Valdecy Urquiza emphasized that effective action requires stronger cooperation, better information sharing and coordinated, decisive enforcement efforts worldwide.

Conclusion
Fraud compounds built on forced labor have become a global phenomenon transcending borders and continents.

Interpol’s newly adopted resolution formally designates these operations as a form of international organized crime, urging governments worldwide to respond collectively.
Security experts warn that without coordinated global action, these networks will continue to expand, putting millions of people at risk.

#interpol , #CryptoCrime , #CyberSecurity , #CryptoNews , #fraud

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Cardano founder and IOG CEO Charles Hoskinson addressed the community following the recent chain split with a clear message:

Every blockchain — even the most rigorously engineered ones — will eventually face a zero-day vulnerability.
Speaking on his podcast Code Is Law, Hoskinson explained that outages, bugs, and unexpected failures are not signs of incompetence but fundamental realities of software-based systems, including Cardano.

“This is software.” Zero-day bugs are unavoidable, says Hoskinson
Hoskinson reminded the community that Cardano, despite its reputation for formal verification and conservative development, is still subject to the same software limitations as any other system.

A blockchain is only as secure as the code it runs, and no codebase is immune to hidden flaws.
Cardano’s mainnet launched in 2017.

It took more than eight years before the network experienced a truly critical vulnerability. Hoskinson described this track record as evidence that:
“Cardano is extremely good at what it does.”
He added that some zero-day exploits are discovered and abused within minutes, while others remain dormant for years — and that this is precisely why intentional exploitation cannot be tolerated.

“You cannot allow anyone to disrupt the entire system at will”
Hoskinson strongly criticized the stake pool operator (SPO) whose actions unintentionally triggered the long-standing bug.

He emphasized that Cardano supports an entire ecosystem of:
stake pool operators,delegators,investors,developers,
all of whom rely on the network’s stable operation.
Allowing individuals to destabilize the system “arbitrarily or whimsically,” he said, would jeopardize the livelihoods of thousands of people.

Hoskinson also confirmed that the incident is being investigated with the involvement of the FBI, a revelation that stirred controversy among parts of the community.
The SPO responsible for activating the bug has since issued a public apology.

The chain split: no network outage, but real consequences
The vulnerability discovered on November 21 caused the network to temporarily diverge into two parallel chains:
a “poisoned” branch, disrupted by the bug,and a “healthy” branch, which continued functioning normally.
Despite the split, block production never stopped.

The network kept operating, but major crypto exchanges suspended ADA deposits and withdrawals as a precaution until the issue was fully resolved.

Cardano demonstrates strong system integrity
In a separate podcast episode, Hoskinson praised the swift and coordinated response of the technical teams.

According to him, the incident highlights two key strengths of Cardano:
High systemic integrity, even under stress.Exceptional engineering discipline, enabling fast mitigation of unforeseen failures.
The market reaction was brief. ADA’s price recovered quickly from the initial shock and, at the time of writing, had risen 2.4% to $0.43.

#Cardano , #ADA , #CharlesHoskinson , #CyberSecurity , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

South Korea’s financial sector has been hit by one of the most damaging cyberattacks in recent years. According to cybersecurity firm Bitdefender, the country became the target of a coordinated supply-chain attack involving threat actors linked to Russia and North Korea, resulting in the deployment of the Qilin ransomware and the theft of more than 2 terabytes of data across 28 victims, most of them within the financial services industry.
Investigators uncovered that the attack was not an isolated incident but part of a broad, multi-phase campaign known as Korean Leaks, which merged advanced ransomware techniques with political propaganda and targeted exploitation of supply-chain vulnerabilities.

A Sudden Spike: From 2 Incidents Per Month to 25 in September
Bitdefender began investigating after detecting an unusual surge in ransomware activity in September:

25 ransomware cases were reported that month, compared to the usual two monthly incidents recorded between September 2024 and August of this year.
Of these attacks, 24 targeted financial organizations, highlighting a high degree of planning and coordination.
According to the latest data, South Korea is now the second most targeted country in the world for ransomware attacks — trailing only the United States.

Qilin: One of 2024’s Most Aggressive Ransomware Groups
The ransomware group Qilin, operating under the Ransomware-as-a-Service model, is one of the most active threat actors of the year. In October alone, Qilin was responsible for more than 180 victims, and according to NCC Group, is behind 29% of all global ransomware attacks.
Bitdefender’s analysis indicates that Qilin has Russian roots:
founding member BianLian communicates in Russian and English,is active on Russian-language cybercrime forums,and the group avoids attacking organizations in CIS countries — a common rule among Russian cybercrime syndicates.
Qilin’s internal structure is highly organized:
it recruits external hackers to carry out attacks,core operators take a percentage of ransom payments,and the group even maintains an “internal journalist team” that drafts extortion messages and propaganda for its leak platform.
Propaganda and Psychological Warfare: Hackers Posed as “Activists”
Bitdefender’s Korean Leaks report reveals that the campaign was not a standard ransomware operation. The attackers blended cybercrime with political messaging, using:
activist-style language,patriotic and nationalistic rhetoric,and repeated references to sharing the stolen data with North Korean leadership.
One leaked communication stated:
“A report on the discovered documents is already being prepared for Comrade Kim Jong-un.”
This fusion of propaganda with ransomware tactics indicates a hybrid operation that goes beyond conventional criminal motives.

Three Attack Waves: Over 1 Million Files and 2 TB of Data Stolen
The Korean Leaks campaign unfolded in three distinct waves:
September 14 – first wave targeting 10 financial management firmsSeptember 17–19 – second wave adding another 9 victimsSeptember 28 – October 4 – third wave targeting 9 additional organizations
In total, the attackers stole over 1 million files and 2 TB of sensitive data.

Four additional company names were later removed from Qilin’s leak site, likely due to ransom payments or internal decisions by operators.
During the second wave, hackers issued a chilling threat:
“We have data that will deal a severe blow to the entire Korean market. If payment is not made, we will release it.”

Supply-Chain Breach: The Core Entry Point
According to reporting from JoongAng Daily, more than 20 asset-management companies were compromised after hackers breached GJTec, a managed service provider.

This highlights yet again how supply-chain attacks can amplify damage across an entire sector.

Conclusion: A Hybrid Operation Blending Russian Techniques and North Korean Messaging
The Korean Leaks attack ranks among the most significant ransomware operations of the year — not only due to the volume of stolen data, but also due to the hybrid nature of the campaign, which fused ransomware, political influence tactics, and systemic exploitation of supply-chain weaknesses.
Experts warn that this incident is a stark reminder of a growing global trend:

state-linked cyber groups are increasingly prioritizing supply-chain infiltration as a primary attack vector.

#cyberattack , #CyberSecurity , #russia , #GlobalSecurity , #CryptoNews

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

$BTC Binance, a leading cryptocurrency exchange, recently announced its active participation in "Cyber Patrol," a global operation targeting the financial infrastructure supporting digital piracy. This collaboration underscores $BNB Binance's commitment to combating illicit activities within the digital asset ecosystem and enhancing security across its platform.
Binance has confirmed its involvement in "Cyber Patrol," an international law enforcement-led initiative focused on disrupting the financial lifelines of digital piracy operations worldwide. The exchange's contribution to this global effort highlights its ongoing commitment to working with authorities to ensure a safer and more secure environment for digital asset transactions.
Digital piracy, which includes the illegal distribution of copyrighted content such as films, music, and software, often relies on complex financial networks to process payments and launder illicit gains. By participating in operations like Cyber Patrol, Binance leverages its advanced blockchain analytics capabilities and compliance infrastructure to identify and freeze accounts associated with these illegal activities. This proactive stance aims to cut off the revenue streams that enable piracy organizations to operate, ultimately protecting content creators and legitimate businesses.

Why It Matters
Binance's collaboration with law enforcement in anti-piracy operations is significant for the broader cryptocurrency industry. It demonstrates that regulated digital asset platforms can play a crucial role in combating financial crime, dispelling misconceptions that cryptocurrencies are solely used for illicit purposes. Such partnerships enhance the legitimacy of the crypto sector and contribute to building trust with traditional financial institutions and regulators.
Key Data and Impact
While specific operational details and the total value of assets frozen are typically not disclosed during ongoing investigations, Binance regularly reports on its efforts to combat financial crime. These efforts include significant investments in compliance personnel, AI-driven monitoring tools, and partnerships with global law enforcement agencies. The impact of such operations extends beyond specific arrests; they aim to create a hostile environment for illicit actors, making it increasingly difficult for them to use digital assets for illegal financial activities. This strengthens the overall integrity of the global financial system, both traditional and digital.
Expected Future Developments
Expert views suggest that collaborations between major crypto exchanges and law enforcement will become increasingly common as digital assets become more integrated into the global economy. This trend points towards a future where digital asset platforms actively contribute to financial security and transparency, working alongside authorities to uphold global anti-money laundering (AML) and counter-terrorist financing (CTF) standards.
Binance has joined "Cyber Patrol," a global law enforcement operation aimed at disrupting the financial infrastructure of digital piracy. This collaboration underscores the exchange's commitment to combating financial crime within the digital asset ecosystem and enhancing platform security.#Binance #CyberSecurity #AntiPiracy

Upbit, South Korea’s largest cryptocurrency exchange, fell victim to a major hack early Thursday morning. Its operator, Dunamu Inc., confirmed that over $36 million worth of Solana-linked assets were stolen from company wallets.
According to a statement by Dunamu CEO Oh Kyung-seok, the unauthorized transaction occurred at 4:42 a.m. local time, and the platform quickly detected the abnormal activity and contained the breach.

Hack Involved Dozens of Solana Tokens
The stolen funds included over 20 different tokens from the Solana ecosystem – such as Bonk, Jupiter, Radium, Render Token, Wormhole, USD Coin, Magic Eden, DRIFT, ORCA, and others. All were transferred to an unknown external address in a single unauthorized withdrawal.
Upbit immediately suspended all deposits and withdrawals, stating that the freeze would remain in effect until a full internal review is completed.
Dunamu assured users that no customer funds would be affected, as the company will cover all losses from its own reserves. A full security inspection is currently underway.
“We have quickly identified the extent of the abnormal outflows and will fully compensate the loss from our holdings. No customer funds are impacted,” CEO Oh stated publicly.
Upbit also called on the public to share any information that could help trace the stolen tokens or identify the attackers.

Hack Coincides With Dunamu–Naver Merger Announcement
The breach came on the same day as the announcement of a strategic merger between Dunamu, Naver, and Naver Financial. According to Chosun Daily, tech giant Naver is preparing to acquire Dunamu through a stock-swap deal.
At a press conference held at Naver’s 1784 headquarters, top executives gathered to confirm the merger, including Naver Chairman Lee Hae-jin, Naver CEO Choi Soo-yeon, Dunamu Chairman Song Chi-hyung, and others.
“Combining Naver’s AI capabilities with Web3 infrastructure will create a foundation for Korea to lead next-generation digital finance,” said Chairman Lee Hae-jin.
The companies unveiled plans to invest ₩10 trillion (~$7.5 billion) over the next five years to boost South Korea’s AI and Web3 industries. The funds will support research, platform development, and integrated digital services.

Korea-Based Stablecoin Coming Soon
In addition to the merger, Dunamu CEO Oh revealed plans to launch a Korean won-pegged stablecoin. Local news reports also suggest that Naver Financial will debut a stablecoin wallet in Busan next month.
This aligns with the companies’ broader vision of fusing AI, Web3, and fintech into a powerful platform for the Asian digital finance market.

#Upbit , #solana , #CryptoSecurity , #DigitalAssets , #CyberSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“