The US Department of Justice has indicted two Russian men, Alexey Bilyuchenko and Aleksandr Verner, for their role in the 2011 hack of Mt. Gox, one of the earliest bitcoin exchanges. The hack resulted in the loss of 650,000 bitcoins, worth an estimated $31 billion at current value. Bilyuchenko and Verner are accused of slowly siphoning out coins from the exchange over a period of three years, until Mt. Gox declared bankruptcy in February 2014. Bilyuchenko and another alleged accomplice, Alexander Vinnik, allegedly created BTC-e, another exchange, to launder the stolen bitcoins, which became a major cash-out point for various types of criminal cryptocurrency.
Researchers from The Wall Street Journal, Stanford Internet Observatory, and University of Massachusetts at Amherst have found a network of child exploitation images and videos being sold and commissioned on Instagram’s public network. The researchers found certain hashtags that lead users to hidden groups of hundreds of accounts where child sexual abuse material (CSAM) was advertised, and where users could commission images and videos of sexual acts and self-harm. Moreover, Instagram’s automated recommendation algorithms promoted more CSAM materials to users who sought the content. In response, Instagram has changed the interstitials to block CSAM content, and parent company Meta has created a new task force to address the problem.
The infamous Russia-linked ransomware group, Clop has taken responsibility for stealing data from hundreds of companies through a vulnerability in the file-transfer service, MOVEit Transfer. Microsoft first attributed the activity to the group. The Clop group exploits vulnerabilities in popular enterprise web services or equipment to steal data and launch extortion campaigns against multiple organizations. Clop started attacking the MOVEit Transfer vulnerability at the end of May.
North Korean state-sponsored hackers have been implicated in a $35 million crypto heist of cryptocurrency firm Atomic Wallet. Blockchain analysis company Elliptic found evidence linking the hack to North Korea. The hackers had sent the stolen funds to Sinbad.io, a cryptocurrency mixing service, which is quickly becoming the country’s preferred crypto laundering tool. The funds were traced to just five users of Atomic Wallet, with one losing as much as $8 million. If confirmed, this would be the biggest crypto theft by North Korea’s hackers since the $100 million raid on Horizon Bridge a year ago.
