Security News

A former US Army Sergeant with Top Secret US military clearance created a Word document entitled "Important Information to Share with Chinese Government," according to an FBI agent's sworn declaration. The DoJ said Schmidt retired from active duty in January 2020, traveling to China, then back to the US, then to Istanbul in February 2020, before returning to the US again, and then going back to China in March 2020.

Operated out of Japan by French expatriate Mark Karpelès, Mt. Gox rapidly became the biggest online Bitcoin exchange, but imploded in 2014 when the company was forced to admit that it had lost Bitcoins worth more than $0.5 billion at the time. In 2014, the Big Daddy of Bitcoin exchanges, Japan-based Mt. Gox, made a "So sorry, they seem to have vanished" announcement about a whopping 650,000 Bitcoins, worth approximately $800 each at the time.

The US government is aggressively pursuing three men accused of wide-ranging and complex conspiracies of laundering stolen and illicit cryptocurrency that the North Korean regime used to finance its massive weapons programs. The Department of Justice this month indicted North Korean national Sim Hyon Sop, Wu HuiHui of China, and Cheng Hung Man, a Hong Kong British national, for their roles in two money laundering conspiracies, both aimed at channeling funds into North Korea's coffers.

The Department of Justice declared the confiscation of digital currency valued at approximately $112 million connected to fraudulent cryptocurrency investments. In these schemes, fraudsters cultivate long-term relationships with victims met online, eventually enticing them to make investments in fraudulent cryptocurrency trading platforms.

Convicted wire fraud perpetrator Paige Thompson has been sentenced to time served and five years of probation with location and computer monitoring, prompting U.S. Attorney Nick Brown to label the sanctions unsatisfactory. Thompson infamously raided cloud storage buckets operated by financial services company Capital One and made off with over 100 million individuals' personal information, in addition to other data heists.

It's said that the pair promoted the idea at a conference in 2018 and a few news outlets picked up on that plan and suggested Rongelap could become "The new Hong Kong.". In a May 2021 publication [PDF] the IMF noted the proposal to create a digital economic zone on Rongelap and characterized it as "Envisioned to focus on virtual means of exchange, including virtual assets."

In a statement, the US Department of Justice said: "Uber admitted to and accepted responsibility for the acts of its officers, directors, employees, and agents in concealing its 2016 data breach from the Federal Trade Commission, which at the time of the 2016 breach had a pending investigation into the company's data security practices." ESET researchers have uncovered a fresh sample of macOS malware that uses public cloud services to store payloads, exfiltrate data and execute command and control of infected machines.

Federal law enforcement officials this week said they seized about $500,000 that healthcare facilities in the United States paid to the Maui ransomware group. In the case involving the Kansas healthcare facility, the hospital paid the $100,000 ransom but also contacted the FBI, which traced the payment through the blockchain and identified accounts used by money launderers in China who were working with the North Korean-backed ransomware group.

The U.S. Department of Justice on Wednesday announced the seizure of three domains used by cybercriminals to trade stolen personal information and facilitate distributed denial-of-service attacks for hire. The former of which allowed its users to traffic hacked personal data and offered a searchable database containing illegally amassed information obtained from over 10,000 data breaches.

The U.S. Department of Justice announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act, which says that, among other things, good-faith security researchers will no longer be charged and prosecuted. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services.