According to a report issued by the United Nations Office for Drugs and Crime, dated October 7, criminal networks across Southeast Asia are increasingly turning to the messaging platform Telegram for conducting comprehensive illegal activities. It says Telegram, due to big channels and seemingly insufficient moderation, becomes the attraction of the underworld for organised crime and its resultant transformation in the ways of operating global illicit operations.
An Open Market for Stolen Data and Cybercrime Tools
The UNODC report clearly illustrates how Telegram has become a trading platform for hacked personal data, including credit card numbers, passwords, and browser histories. Cybercriminals publicly trade on the large channels of Telegram with very little interference. In addition, it has various software and tools designed to conduct cybercrime such as fraud using deepfake technology and malware used for copying and collecting users' data. Moreover, money laundering services are provided in unauthorised cryptocurrency exchanges through Telegram.
An example was an ad to be placed on Telegram stating that it was moving USDT cryptocurrency, stolen and with $3 million daily transactions, to cash in on criminal organisations involved in transnational organised crime in Southeast Asia. According to reports, these dark markets are growing increasingly omnipresent on Telegram through which vendors aggressively look to reach criminal organisations in the region.
Southeast Asia: A hub of fraud and exploitation
According to the UNODC reports, this region in Southeast Asia has become an important base for international fraudulent operations. Most criminal activities within the region relate to Chinese syndicates located within heavily fortified locations and use trafficked individuals forced into labour. It is estimated that the industry generates between $27.4 billion and $36.5 billion annually.
The move comes as scrutiny of Telegram and its billionaire founder, Russian-born Pavel Durov, is intensifying. Durov is facing legal fallout in France after he was charged with abetting crime on the platform by allowing the distribution of illegal content after he tightened his regulations in France. The case has sparked debates on the liability of tech companies for the crimes happening on their platform, and the line between free speech and legal accountability.
It responded to the increasing pressure by promising cooperation with legal authorities. The head of Telegram, Durov, stated that Telegram will share the IP addresses and phone numbers of users whenever a legal request for them is required. He further promised to cancel some features on the platform that have been widely misused for illicit activities. Currently, more than a billion people worldwide are using Telegram, and it has so far not reacted publicly to the latest report from the UNODC.
A Perfect Fertile Ground for Cybercrime
For example, as personal data becomes more and more exposed to fraudulent exploitation and fraud schemes through Telegram, for instance, the Deputy Representative for Southeast Asia and the Pacific at UNODC highlighted the perils of the consumer getting to see. In this respect, Benedikt Hofmann, free access and anonymity developed an ideal setting for criminals towards the people's data and safety.
Innovation in Criminal Networks
The growth in Southeast Asia's organised crime to higher levels may indicate criminals will be armed with new, more varying technologies-most importantly malware, generative AI tools, and deepfakes-to commit sophisticated cyber-enabled fraud. In relation to innovation and adaptability, investigation by UNODC revealed over 10 specialised service providers in the region offering deep fakes technology for use in cybercrime cases.
Expanding Investigations Across Asia
Another area of concern discussed in the UNODC report is the increasing investigation by law enforcement agencies in other parts of Asia. For example, South Korean authorities are screening Telegram for its role in the commission of cybercrimes that include deepfake pornography. Meanwhile, in India, a hacker used Telegram chatbots to leak private data from Star Health, one of the country's largest insurers. This incident disclosed medical records, IDs, and even tax details. Star Health sued Telegram.
A Turning Point in Cybersecurity
The UNODC report opens one's eyes to the extent the challenge encrypted messaging presents toward the fight against organised crime. Thus, while criminal groups will continue and take full advantage of platforms like Telegram, tech companies remain on their toes about enforcing control measures over illegal activity while trying to balance concerns to address user privacy and safety.
Your IP address may look like a long number row, but to a hacker, it can be an instrument of evil activity. While your exposure to an IP doesn't pose an immediate danger per se, it is thus important to understand what a hacker can do with it. Let's break down how cybercriminals can exploit an IP and how you can keep it safe.
Determining Your Broad Area of Location
The very first thing a hacker will easily know once he has obtained your IP address is your general area of location. He can find out your city or region using even simple online tools such as IP tracking websites. Of course, he won't pinpoint the street number but can already pinpoint your general area or location which may trigger other related hacking attempts such as phishing attacks. Hackers would use your address and ISP to dupe you through social engineering.
IP Spoofing: Identity Mimicry Online
The hacker can manipulate the IP addresses and make it seem like the actions they are performing are coming from your device. In this method, which is known as IP spoofing, hackers perpetrate various illegal activities while concealing identities. Many people employ IP spoofing in DDoS attacks whereby hackers inject tremendous amounts of traffic into a network to actually shut it down. Using your IP address during this attack may keep them undetected while they wreck the damage.
Selling Your IP Address
One seems minute, but hackers sell bundles of thousands of IP addresses in bulk across the dark web, and those addresses can be used in large-scale social engineering projects that lead to data theft. Used with other personal data, your IP address can be a wonderful commodity in some hacker's arsenal, allowing them to crack into almost any online account.
Scanning for Further Information
Using this method, and with the use of such tools as Nmap, hackers can not only obtain your IP but also uncover which OS your machine is running, applications that are installed, and open ports. If vulnerabilities exist in your system, they can launch specific attacks on those particular weaknesses, which will then allow them to get into your network, and even control your devices.
A DDoS attack
Although it is seldom that DDoS attacks any user, hackers can use your IP to attack you using DDoS, which will turn your device into a traffic flooder and take it offline. Such attacks are usually employed in larger organisations, although those engaging in activities such as online gaming and other competitive activities are also at risk. For instance, some players have used DDoS attacks to cut off their opponents' internet.
How to Hide Your IP Address
The likelihood that someone actually targeted you may be low, but this is equally as important to adhere to these safety precaution guidelines. With a virtual private network or a proxy server, your public IP address remains hidden, which makes it extremely hard for hackers to find and take advantage of it. It can also protect your devices by updating them as regularly as possible and using firewalls.
It is important to note that knowing an IP address doesn't give hackers total control over your system. However, it can be part of a scheme that encourages them to come closer to extracting more personal information or conducting attacks. However, usually there's little chance that someone would go out of his way to harm you using just your IP address; still, you can never be too safe. Securing the network and masking the IP simply reduces these risks from IP-based attacks.
Care needs to be taken, and preventative measures need to be in place so that nobody would use those malpractices against you.
According to a new report published by the Federal Trade Commission (FTC), it was found that Facebook - that has since become Meta, YouTube, WhatsApp, and others - have been highly involved in mass surveillance practices while banking in billions of dollars. The investigation, which began from December 2020, exposed the scale of these platforms' collection, monetization, and exploitation of personal information belonging to users.
The FTC's 129-page report exposed how such companies, including Amazon's Twitch, Reddit, Twitter (now X), and TikTok's ByteDance, accumulate vast loads of personal data. This data, mainly collected by these services without the full awareness of users, becomes the foundation of many profitable business models-as is often the case with paid-for targeted advertising. Meta reported that 98% of its second-quarter revenue of $39.07 billion came from ads on Facebook and Instagram, which rely on data harvested from users.
Data Collection Beyond Expectation
What perhaps really scarring is the number of data and how that's amassed. Companies pay for more information from third-party brokers, which includes income levels, location data, and personal interests of users, to create profiles of online behaviour. Such data is used to fine-tune targeted ads while upgrading profitability, yet users are largely unaware of the extent of all these practices.
Lack of User Control
Despite all that is collected, the report comes to the following conclusion: users have little control over what is done with their personal information. Of course, people are informed that their data is used to deliver targeted advertising and recommendations, but they do not have meaningful tools to direct or limit that use. In most cases, even after user requests to delete all of their information, platforms retain at least de-identified data, or cannot remove all traces of personal information.
Recommendations of FTC for Transparency
The report was a call to these organisations to be open and tell people just what data is being collected and what the data is going to be used for, so consumers have some stake in their information. The FTC also recommended stronger federal legislation of privacy to restrict surveillance and place more control in consumer's hands about data.
The results of such probes have therefore led to several debates on privacy and regulations that protect those users in a modern digital world where the personal information of users is simultaneously tracked and monetized. The FTC report further emphasised the need for companies to be more transparent in adopting practices that offer safeguards regarding user privacy.
Like recent data breaches, your personal information could now be with threat actors, and it is not your fault. This blog covers details related to the breach, and the steps you can take to protect your credit card and avoid misuse of credit card numbers.
In the notification sent to affected victims, Slim CD said hackers gained access to its network for almost a year, from August 2023 to June 2024. But they could only steal credit card details between June 14 and 15 of this year.
Earlier this year in June, Slim CD found that suspicious users had access to its systems. After that, the company launched an inquiry, which revealed that hackers had first gained entry into the networks in August 2023. The stolen data includes physical addresses, full names, credit card numbers and card expiry dates. Luckily, card verification numbers or CVVs weren't stolen, the company says.
Experts believe that without CVV, hackers can't do much with the stolen credit card data or make any fraudulent transactions with your credit card. But the risk of credit card fraud is still there.
Generally, if you suffer a major data breach, the company offers free access to either credit monitoring or identity theft protection services. But in the case of Slim CD, it isn't doing anything like this for affected users.
The Slim CD incident has highlighted various gap areas for both businesses and customers.
1. Robust Security Measures: Investment is crucial in this area this includes encryption, two-factor authentication, and frequent security audits. These steps can help protect against unauthorized attempts at stealing sensitive info.
2. Monitoring: Customers should frequently keep an eye on their bank statements and credit reports for any suspicious activity. Threat detection at an early stage can reduce the damage caused by a data breach.
3. Quick Response: In the event of a data breach, a fast response becomes important. Informing impacted individuals and offering support can help minimize the damage and rebuild trust.
4. Being Informed and Educated: Both companies and customers should be aware about the basic safety steps needed to be safe from a data breach. For businesses awareness programs and training campaigns can provide certain help.
Foreign hackers are increasingly targeting Taiwan by hijacking social media accounts to spread disinformation aimed at undermining the country's military, according to a statement released by the Ministry of Justice Investigation Bureau (MJIB) yesterday.
The hackers, believed to be operating from abroad, are using compromised Internet-connected devices, including surveillance cameras and facial recognition systems, to gain unauthorised access to social media accounts on popular platforms like Dcard and PTT (Professional Technology Temple). By infiltrating these forums, they have been able to post false information that seeks to damage the reputation of Taiwan’s armed forces.
One of the key tactics employed by these cybercriminals is impersonating Taiwanese air force personnel. They have posted misleading content claiming that many military pilots are dissatisfied with their pay and working conditions. Some posts suggest that pilots would rather incur tremendous financial losses than renew their contracts, while others falsely claim that military members are leaving their posts to pursue civilian careers for better work-life balance.
On PTT, an account named “ss900287” further amplified these messages by sharing a link to a photograph that supposedly showed a list of retired military pilots applying for jobs with China Airlines. This, however, is another example of the misinformation being spread to create doubt and discontent among the public regarding Taiwan’s military.
Rise in False Posts Across Social Media
Despite the efforts of the Air Force Command to counteract these false narratives, there has been a noticeable increase in similar disinformation across more than 170 suspicious Facebook groups, including names such as “The Strait Today,” “Commentary by the Commander,” and “You Ban, Me Mad.” These groups are suspected of being part of the coordinated effort to spread misleading content.
Advanced Techniques to Evade Detection
According to the MJIB, the hackers have been able to maintain their disinformation campaign by exploiting vulnerabilities in facial recognition systems, digital cameras, and other networked devices. By stealing personal data and taking over social media accounts, they have managed to pose as legitimate users, making their disinformation appear more credible.
To avoid detection, the hackers have employed sophisticated methods such as data de-identification and rerouting their activities through multiple channels, which has made it difficult to trace their identities and locations. In response, the MJIB has notified social media platforms, requesting that they take action against the groups and users involved in these activities.
The MJIB is advising Taiwanese citizens to gear up the security of their Internet-connected devices. This includes setting strong, unique passwords and regularly updating them to minimise the risk of cyberattacks.
In a related development, fishermen in Penghu County have reported sightings of Chinese fishing boats using fake Taiwanese radar transponder codes in waters near Cimei Township. While these vessels initially appeared to be Taiwanese on radar, visual inspections confirmed their Chinese origin. The Coast Guard Administration has stated that any illegal vessels identified will be expelled from Taiwanese waters.
The reason behind the Chinese fishing boats disguising their transponder codes remains unclear, but it has raised concerns about the potential for further deceptive activities in the region.
In a recent cybersecurity incident, Ascension, a major health system, has disclosed that cybercriminals stole files potentially containing personal information. This comes about a month after Ascension initially reported falling victim to a ransomware attack.
Ascension revealed that the attackers managed to extract files from seven of its 25,000 file servers. While the investigation is ongoing, preliminary findings suggest that these files may include protected health information and personally identifiable information. However, Ascension has yet to determine the exact data compromised or the specific patients affected.
Despite the breach, Ascension reported no evidence indicating that data from its electronic health records were stolen. The attack was traced back to an employee inadvertently downloading a malicious file, mistaking it for a legitimate document.
In response to the attack, Ascension is offering free credit monitoring and identity theft protection services to patients and employees. Those interested in these services can call 1-888-498-8066 to enrol.
The attack, discovered on May 8, caused paradigm altering disruptions across Ascension’s network. Some elective surgeries and appointments were postponed, and one hospital in Illinois temporarily redirected ambulances to other facilities. Nurses at several hospitals faced challenges, such as difficulties in accessing doctors’ orders for medications and tests, and issues with their standard procedures for medication administration.
Ascension Illinois has recently restored its primary technology for electronic patient documentation, allowing hospitals and doctors' offices to resume electronic documentation, charting, and order sending. This restoration marks a crucial step in returning to normal operations.
This incident at Ascension is part of a troubling trend of cyberattacks targeting healthcare institutions. Earlier this year, Lurie Children’s Hospital in Chicago and the University of Chicago Medical Center also faced cyber incidents. Healthcare systems are prime targets for cybercriminals due to their size, reliance on technology, and the vast amounts of sensitive data they handle, according to the U.S. Department of Health and Human Services.
As cyber threats expand their territory, healthcare systems must remain vigilant and enhance their cybersecurity measures to protect sensitive patient information. The Ascension attack underscores the critical need for robust security protocols and employee awareness to prevent future breaches.
In an unprecedented turn of events, the Internal Revenue Service (IRS) recently issued a public apology to billionaire investor Ken Griffin. The reason? Leaked tax records that exposed sensitive financial information, including Griffin’s personal wealth and tax liabilities.
The Internal Revenue Service issued a rare apology for the "thousands" of tax data disclosed to the public between 2018 and 2020.
Griffin issued the apology as part of a deal with the IRS after filing a lawsuit in December 2022 over the "unlawful disclosure" of his tax information, which was disclosed to the public by a contractor.
The story began with a former IRS contractor named Charles Littlejohn. Littlejohn, who had access to confidential tax returns, allegedly leaked information about several high-profile taxpayers, including Griffin.
The recipient of this unauthorized disclosure was the nonprofit news organization ProPublica. The leaked data revealed intricate details about the financial lives of some of the wealthiest Americans.
Ken Griffin, founder of the hedge fund Citadel, is no stranger to the limelight. With a net worth approaching $42 billion, he ranks among the world’s wealthiest individuals. His investment strategies, philanthropic endeavors, and influence in financial circles have made him a prominent figure. However, the leak of his tax records thrust him into an unexpected controversy.
Upon discovering the breach, Griffin took legal action against the IRS and the U.S. Treasury Department. His lawsuit alleged negligence, violation of privacy, and reputational harm resulting from the unauthorized disclosure.
The leak not only exposed his financial data but also raised concerns about the security of taxpayer information within the IRS.
According to the IRS, the contractor, Charles Littlejohn, "violated" his job contract by disclosing the material to the press. The government also stated that Littlejohn "betrayed the trust" of Americans, including billionaire Elon Musk.
In a rare move, the IRS publicly acknowledged its mistake and issued an apology directly to Ken Griffin. The agency expressed regret for the inadvertent release of his tax records.
The apology came after Griffin dropped his lawsuit, signaling a resolution to the matter. However, questions remain about the broader implications of such breaches and the safeguards in place to prevent future incidents.