It was "little more than empty fields" five years ago — but it's now "a vast, heavily guarded complex stretching for 210 hectares (520 acres)," reports the Guardian, "the frontline of a multibillion-dollar criminal fraud industry fuelled by human trafficking and brutal violence." Myanmar, Cambodia and Laos have in recent years become havens for transnational crime syndicates running scam centres such as KK Park, which use enslaved workers to run complex online fraud and scamming schemes that generate huge profits. There have been some attempts to crack down on the centres and rescue the workers, who can be subjected to torture and trapped inside. But drone images and new research shared exclusively with the Guardian reveal that the number of such centres operating along the Thai-Myanmar border has more than doubled since Myanmar's military seized power in 2021, with construction continuing to this day.

Data from the Australian Strategic Policy Institute (Aspi), a defence thinktank in Canberra, shows that the number of Myanmar scam centres on the Thai border has increased from 11 to 27, and they have expanded in size by an average of 5.5 hectares a month. Drone images and photographs of KK Park and other Myanmar scam centres, Tai Chang and Shwe Kokko, taken by the Guardian in August show new features and active building work... Myanmar's military junta has allowed the spread of scam centres inside the country as these criminal enterprises have become an essential part of the country's conflict economy since the coup, helping it rise to the top of the global list of countries harbouring organised crime. According to Aspi's analysis, Myanmar's military, which has lost huge swathes of territory since the coup and is struggling to retain its grip on power, cannot take meaningful measures against the scam compounds without endangering its precarious relations with the crucial armed militias who are profiting from them.
While 7,000 people were freed from the compounds earlier this year, "Thai police estimated earlier this year that as many as 100,000 people were held inside Myanmar scam centres," the article notes.

Elsewhere the Guardian reports that "The centres are run by Chinese criminal gangs," and describes people who unwittingly came to Thailand for customer service jobs, only to be trafficked to Myanmar's guarded "cyberslavery compounds" and "forced to send thousands of messages from fake social-media profiles, posing as a rich American investor to swindle US real estate agents into cryptocurrency scams." Since 2020, south-east Asia's cyber-slavery industry has entrapped hundreds of thousands of people and forced them to perform "pig butchering" — the brutal term for building trust with a fraud target before scamming them. At first, the industry mostly captured Chinese and Taiwanese people, then it moved on to south-east Asians and Indians — and now Africans.

Criminal syndicates have been shifting towards scamming victims in the US and Europe after Chinese efforts to prevent its citizens being targeted, experts told the Guardian. That has led some trafficking networks to seek recruits with English-language and tech skills — including east Africans, thousands of whom are now estimated to be trapped inside south-east Asian compounds, says Benedikt Hofmann, the UN Office on Drugs and Crime's representative for south-east Asia and the Pacific.

Thanks to long-time Slashdot reader mspohr for sharing the article.

An anonymous reader quotes a report from The Intercept: The company behind the Proton Mail email service, Proton, describes itself as a "neutral and safe haven for your personal data, committed to defending your freedom." But last month, Proton disabled email accounts belonging to journalists reporting on security breaches of various South Korean government computer systems following a complaint by an unspecified cybersecurity agency. After a public outcry, and multiple weeks, the journalists' accounts were eventually reinstated -- but the reporters and editors involved still want answers on how and why Proton decided to shut down the accounts in the first place.

Martin Shelton, deputy director of digital security at the Freedom of the Press Foundation, highlighted that numerous newsrooms use Proton's services as alternatives to something like Gmail "specifically to avoid situations like this," pointing out that "While it's good to see that Proton is reconsidering account suspensions, journalists are among the users who need these and similar tools most." Newsrooms like The Intercept, the Boston Globe, and the Tampa Bay Times all rely on Proton Mail for emailed tip submissions. Shelton noted that perhaps Proton should "prioritize responding to journalists about account suspensions privately, rather than when they go viral." On Reddit, Proton's official account stated that "Proton did not knowingly block journalists' email accounts" and that the "situation has unfortunately been blown out of proportion."

The two journalists whose accounts were disabled were working on an article published in the August issue of the long-running hacker zine Phrack. The story described how a sophisticated hacking operation -- what's known in cybersecurity parlance as an APT, or advanced persistent threat -- had wormed its way into a number of South Korean computer networks, including those of the Ministry of Foreign Affairs and the military Defense Counterintelligence Command, or DCC. The journalists, who published their story under the names Saber and cyb0rg, describe the hack as being consistent with the work of Kimsuky, a notorious North Korean state-backed APT sanctioned by the U.S. Treasury Department in 2023. As they pieced the story together, emails viewed by The Intercept show that the authors followed cybersecurity best practices and conducted what's known as responsible disclosure: notifying affected parties that a vulnerability has been discovered in their systems prior to publicizing the incident. Phrack said the account suspensions created a "real impact to the author. The author was unable to answer media requests about the article." Phrack noted that the co-authors were already working with affected South Korean organizations on responsible disclosure and system fixes. "All this was denied and ruined by Proton," Phrack stated.

Phrack editors said that the incident leaves them "concerned what this means to other whistleblowers or journalists. The community needs assurance that Proton does not disable accounts unless Proton has a court order or the crime (or ToS violation) is apparent."

Snapchat has been accused by a Danish research organisation of leaving an "overwhelming number" of drug dealers to openly operate on Snapchat, making it easy for children to buy substances including cocaine, opioids and MDMA. The Guardian: The social media platform has said it proactively uses technology to filter out profiles selling drugs. However, research by Digitalt Ansvar (Digital Accountability), a Danish research organisation that promotes responsible digital development, has found evidence of a failure to moderate drug-related language in usernames. It also accused Snapchat of failing to respond adequately to reports of profiles openly selling drugs.

Researchers used profiles of 13-year-olds and found a multitude of people selling drugs on Snapchat under usernames featuring keywords such as "coke," "weed" and "molly." When researchers reported 40 of these profiles to Snapchat, the company removed only 10 of them. The other 30 reports were rejected, they said.

The Michigan Supreme Court has drawn a firm line around digital privacy, ruling that police cannot use overly broad warrants to comb through every corner of a person's phone. From a report: In People v. Carson, the court found [PDF] that warrants for digital devices must include specific limitations, allowing access only to information directly tied to the suspected crime. Michael Carson became the focus of a theft investigation involving money allegedly taken from a neighbor's safe. Authorities secured a warrant to search his phone, but the document placed no boundaries on what could be examined.

It permitted access to all data on the device, including messages, photos, contacts, and documents, without any restriction based on time period or relevance. Investigators collected over a thousand pages of information, much of it unrelated to the accusation. The court ruled that this kind of expansive warrant violates the Fourth Amendment, which requires particularity in describing what police may search and seize.

Davis Lu, a former Eaton Corporation developer, has been sentenced to four years in prison for sabotaging his ex-employer's Windows network with malware and a custom kill switch that locked out thousands of employees once his account was disabled. The attack caused significant operational disruption and financial losses, with Lu also attempting to cover his tracks by deleting data and researching privilege escalation techniques. BleepingComputer reports: After a corporate restructuring and subsequent demotion in 2018, the DOJ says that Lu retaliated by embedding malicious code throughout the company's Windows production environment. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Lu also created a kill switch named "IsDLEnabledinAD" ("Is Davis Lu enabled in Active Directory") that would automatically lock all users out of their accounts if his account was disabled in Active Directory. When his employment was terminated on September 9, 2019, and his account disabled, the kill switch activated, causing thousands of users to be locked out of their systems.

"The defendant breached his employer's trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company," said Acting Assistant Attorney General Matthew R. Galeotti. When he was instructed to return his laptop, Lu reportedly deleted encrypted data from his device. Investigators later discovered search queries on the device researching how to elevate privileges, hide processes, and quickly delete files. Lu was found guilty earlier this year of intentionally causing damage to protected computers. After his four-year sentence, Lu will also serve three years of supervised release following his prison term.

A 22-year-old Oregon man has been charged with operating one of the most powerful botnets ever recorded. The network, known as Rapper Bot, launched over 370,000 DDoS attacks worldwide, including against X, DeepSeek, U.S. tech firms, and even Defense Department systems. It was allegedly operated by Ethan Foltz of Eugene, Oregon. The Wall Street Journal reports: Foltz faces a maximum of 10 years in prison on a charge of abetting computer intrusions, the Justice Department said in a news release. Rapper Bot was made up of tens of thousands of hacked devices and was capable of flooding victims' websites with enough junk internet traffic to knock them offline, an attack known as a distributed denial of service, or DDoS.

In February, the networking company Nokia measured a Rapper Bot attack against a gaming platform at 6.5 trillion bits per second, well above the several hundred million bits a second of the average high-speed internet connection. "This would place Rapper Bot among the most powerful DDoS botnets to have ever existed," said a criminal complaint that the prosecutors filed Tuesday in a federal court in Alaska. Investigators said Rapper Bot's attacks were so powerful that they were able to overwhelm all but the most robust networks.

Foltz allegedly rented out Rapper Bot to paying customers, including gambling website operators who would use the network in extortion attempts, according to the complaint. The botnet was used to launch more than 370,000 attacks in 80 countries, including China, Japan and the U.S., prosecutors said. It launched its attacks from hacked routers, digital video recorders and cameras, not from computers. [...] "At its height, it mobilized tens of thousands of devices, many with no prior role in DDoS," said Jerome Meyer, a researcher with Nokia's Deepfield network-analysis division. "Taking it down removes a major source of the largest attacks we see."

A real estate developer searched Google for a cruise ship company's customer service number, reports the Washington Post, calling the number in Google's AI Overview. "He chatted with a knowledgeable representative and provided his credit card details," the Post's reporter notes — but the next day he "saw fishy credit card charges and realized that he'd been fooled by an impostor for Royal Caribbean customer service."

And the Post's reporter found the same phone number "appearing to impersonate other cruise company hotlines and popping up in Google and ChatGPT" (including Disney and Carnival's Princess line): He'd encountered an apparent AI twist on a classic scam targeting travelers and others searching Google for customer help lines of airlines and other businesses... The rep knew the cost and pickup locations for Royal Caribbean shuttles in Venice. [And "had persuasive explanations" when questioned about paying certain fees and gratuities.] The rep offered to waive the shuttle fees...

Here's how a scam like this typically works: Bad guys write on online review sites, message boards and other websites claiming that a number they control belongs to a company's customer service center. When you search Google, its technology looks for clues to relevant and credible information, including online advice. If scammer-controlled numbers are repeated as truth often enough online, Google may suggest them to people searching for a business.

Google is a patsy for scammers — and we're the ultimate victims. Google's AI Overviews and OpenAI's ChatGPT may use similar clues as Google's search engine to spit out information gleaned from the web. That makes them new AI patsies for the old impostor number scams.
"I've seen so many versions of similar trickery targeting Google users that I largely blame the company for not doing enough to safeguard its essential gateway to information," the reporter concludes, (adding "So did two experts in Google's inner workings.") The Post is now advising its reader to "be suspicious of phone numbers in Google results or in chatbots."

Reached for comment, a Google spokesman told the Post they'd "taken action" on several impostor numbers identified by the reporter. That spokesman also said Google continues to "work on broader improvements" to "address rarer queries like these." OpenAI said that many of the webpages that ChatGPT referenced with the bogus cruise number appear to have been removed, and that it can take time for its information to update "after abusive content is removed at the source."
Meanwhile, the man with the bogus charges has now canceled his credit card, the Post reports, with the charges being reversed. Reflecting on his experience, he tells the Post's readers "I can't believe that I fell for it. Be careful."

After leaving a nearly 10-year position as a product marketing engineer at Intel, Varun Gupta was charged with possessing trade secrets. He was facing a maximum sentence of 10 years in prison, a $250,000 fine and three years of supervised release, according to Oregon's U.S. Attorney's Office.

Portland's KGW reports: While still employed at Intel, Varun Gupta downloaded about 4,000 files, which included trade secrets and proprietary materials, from his work computer to personal portable hard drives, according to the U.S. Attorney's Office for the District of Oregon. While working for Microsoft, between February and July 2020, Gupta accessed and used information during ongoing negotiations with Intel regarding chip purchases, according to a sentencing memo. Some of the information containing trade secrets included a PowerPoint presentation that referenced Intel's pricing strategy with another major customer, according to the U.S. Attorney's Office for the District of Oregon in a sentencing memo.

Intel raised concerns in 2020, and Microsoft and Intel launched a joint investigation, the sentencing memo says. Intel filed a civil lawsuit in February 2021 that resulted in Gupta being ordered to pay $40,000.
Tom's Hardware summarizes the trial: Oregon Live reports that the prosecutor, Assistant U.S. Attorney William Narus, sought an eight-month prison term for Gupta. Narus spoke about Gupta's purposeful and repeated access to secret documents. Eight months of federal imprisonment was sought as Gupta repetitively abused his cache of secret documents, according to the prosecutor.

For the defense, attorney David Angeli described Gupta's actions as a "serious error in judgment." Mitigating circumstances, such as Gupta's permanent loss of high-level employment opportunities in the industry, and that he had already paid $40,000 to settle a civil suit brought by Intel, were highlighted.

U.S. District Judge Amy Baggio concluded the court hearing by delivering a balance between the above adversarial positions. Baggio decided that Gupta should face a two-year probationary sentence [and pay a $34,472 fine — before heading back to France]... The ex-tech exec and his family have started afresh in La Belle France, with eyes on a completely new career in the wine industry. According to the report, Gupta is now studying for a qualification in vineyard management, while aiming to work as a technical director in the business.

An anonymous reader shared this report from Tom's Hardware: According to German news outlet Heise, notable progress has been made regarding the counterfeit Seagate hard drive case. Just like something out of an action movie, security teams from Seagate's Singapore and Malaysian offices, in conjunction with local Malaysian authorities, conducted a raid on a warehouse in May that was engaged in cooking up counterfeit Seagate hard drives, situated outside Kuala Lumpur.

During the raid, authorities reportedly uncovered approximately 700 counterfeit Seagate hard drives, with SMART values that had been reset to facilitate their sale as new... However, Seagate-branded drives were not the only items involved, as authorities also discovered drives from Kioxia and Western Digital. Seagate suspects that the used hard drives originated from China during the Chia [cryptocurrency] boom. Following the cryptocurrency's downfall, numerous miners sold these used drives to workshops where many were illicitly repurposed to appear new. This bust may represent only the tip of the iceberg, as Heise estimates that at least one million of these Chia drives are circulating, although the exact number that have been recycled remains uncertain.

The clandestine workshop, likely one of many establishments in operation, reportedly employed six workers. Their responsibilities included resetting the hard drives' SMART values, cleaning, relabeling, and repackaging them for distribution and sale via local e-commerce platforms.

South Korean authorities have arrested the operator of Yubin Archive, a Telegram-based "pirate library" that grew to over 330,000 members by sharing textbooks, workbooks, lectures, and exam prep materials under the banner of "eliminating educational inequality." TorrentFreak reports: An official statement confirming the operator's arrest was published locally on August 12. The timeline suggests the arrest probably took place on or around August 9. The following notice appeared on Yubin Archive on August 11. "The Ministry of Culture and Sports' Copyright Crime Science Investigation Team used digital science investigation (forensics) and various investigation methods to identify the core operator, conduct simultaneous search and seizure at their homes, and fully secure the Telegram criminal activities," the Ministry's statement reads. "Investigations into accomplices who participated in the operation are also underway."

While copyright infringement at scale is almost always a crime, regardless of content type or claimed good intention, having a Robin Hood character in the mix risks dilution of key anti-piracy messaging. No surprise then that much is being made of the existence of a 'minority room' within Yubin Archive, access to which was only permitted upon payment of a fee. "The core operator of the 'Yubin Archive', who was arrested, was found to have created a separate paid sharing channel (also known as a minority channel) while promoting the illegal sharing of learning materials as a noble act to eliminate educational inequality," the Ministry notes. "In addition, the illegal sharing channel was a criminal act that could instill incorrect copyright awareness in most users, including teenagers. The Ministry of Culture and Sports is committed to continuing its efforts to track and strictly respond to illegal activities that abuse anonymous channels such as Telegram, to protect the rights of creators."

Russian authorities are "partially" restricting calls in messaging apps Telegram and WhatsApp, the latest step in an effort to tighten control over the internet. From a report: In a statement, government media and internet regulator Roskomnadzor justified the measure as necessary for fighting crime, saying that "according to law enforcement agencies and numerous appeals from citizens, foreign messengers Telegram and WhatsApp have become the main voice services used to deceive and extort money, and to involve Russian citizens in sabotage and terrorist activities."

In 2020 a YouTube video used video footage of Steve Wozniak in a scam to steal bitcoin. "Some people said they lost their life savings," Wozniak tells CBS News, explaining why he sued YouTube in 2020 — and where his case stands now: Wozniak's lawsuit against YouTube has been tied up in court now for five years, stalled by federal legislation known as Section 230. Attorney Brian Danitz said, "Section 230 is a very broad statute that limits, if not totally, the ability to bring any kind of case against these social media platforms."

"It says that anything gets posted, they have no liability at all," said Wozniak. "It's totally absolute."

Google responded to our inquiry about Wozniak's lawsuit with a statement from José Castañeda, of Google Policy Communications: "We take abuse of our platform seriously and take action quickly when we detect violations ... we have tools for users to report channels that are impersonating their likeness or business." [Steve's wife] Janet Wozniak, however, says YouTube did nothing, even though she reported the scam video multiple times: "You know, 'Please take this down. This is an obvious mistake. This is fraud. You're YouTube, you're helping dupe people out of their money,'" she said.

"They wouldn't," said Steve...
Today is Steve Wozniak's 75th birthday. (You can watch the interview here.) And the article includes this interesting detail about Woz's life today: Wozniak sold most of his Apple stock in the mid-1980s when he left the company. Today, though, he still gets a small paycheck from Apple for making speeches and representing the company. He says he's proud to see Apple become a trillion-dollar company. "Apple is still the best," he said. "And when Apple does things I don't like, and some of the closeness I wish it were more open, I'll speak out about it. Nobody buys my voice!"

I asked, "Apple listen to you when you speak out?"

"No," Wozniak smiled. "Oh, no. Oh, no."
Wozniak answered questions from Slashdot readers in 2000 and again in 2012.

And he dropped by Slashdot on his birthday to leave this comment for Slashdot's readers...

"What happens when cybercriminals stop thinking small and start thinking like a Fortune 500 company?" asks a blog post from Koi Security. "You get GreedyBear, the attack group that just redefined industrial-scale crypto theft."

"150 weaponized Firefox extensions [impersonating popular cryptocurrency wallets like MetaMask and TronLink]. Nearly 500 malicious executables. Dozens of phishing websites. One coordinated attack infrastructure. According to user reports, over $1 million stolen." They upload 5-7 innocuous-looking extensions like link sanitizers, YouTube downloaders, and other common utilities with no actual functionality... They post dozens of fake positive reviews for these generic extensions to build credibility. After establishing trust, they "hollow out" the extensions — changing names, icons, and injecting malicious code while keeping the positive review history. This approach allows GreedyBear to bypass marketplace security by appearing legitimate during the initial review process, then weaponizing established extensions that already have user trust and positive ratings. The weaponized extensions captures wallet credentials directly from user input fields within the extension's own popup interface, and exfiltrate them to a remote server controlled by the group...

Alongside malware and extensions, the threat group has also launched a network of scam websites posing as crypto-related products and services. These aren't typical phishing pages mimicking login portals — instead, they appear as slick, fake product landing pages advertising digital wallets, hardware devices, or wallet repair services... While these sites vary in design, their purpose appears to be the same: to deceive users into entering personal information, wallet credentials, or payment details — possibly resulting in credential theft, credit card fraud, or both. Some of these domains are active and fully functional, while others may be staged for future activation or targeted scams...

A striking aspect of the campaign is its infrastructure consolidation: Almost all domains — across extensions, EXE payloads, and phishing sites — resolve to a single IP address: 185.208.156.66 — this server acts as a central hub for command-and-control, credential collection, ransomware coordination, and scam websites, allowing the attackers to streamline operations across multiple channels... Our analysis of the campaign's code shows clear signs of AI-generated artifacts. This makes it faster and easier than ever for attackers to scale operations, diversify payloads, and evade detection.

This isn't a passing trend — it's the new normal.
The researchers believe the group "is likely testing or preparing parallel operations in other marketplaces."

hackingbear shares a report from CNN: Taiwanese authorities have detained three current and former employees of the world's largest chip manufacturer, Taiwan Semiconductor Manufacturing Company (TSMC), for allegedly stealing trade secrets [and taking them to Japanese company Tokyo Electrons], prosecutors said Tuesday. Law enforcement officers questioned several suspects and witnesses late last month. They searched their homes and detained three of them over "serious suspicions of violating national security laws," the intellectual property branch of the Taiwan High Prosecutors Office said on Tuesday. After an internal investigation, the major Taiwanese exporter raised suspicions with authorities that its "core technologies" may have been illegally accessed by former and current staffers.

Nikkei Asia first reported on Tuesday that TSMC had fired staffers suspected of illegally obtaining business secrets related to the manufacturing technology for the company's 2-nanometer chip, the most advanced processor in the semiconductor industry that is expected to go into mass production this year. Taiwanese local media reported that a former TSMC employee now works at top chip manufacturing equipment supplier Tokyo Electron Ltd., and that the Japanese firm's Taiwan office was raided by investigators. On Thursday, Tokyo Electron confirmed it had dismissed an employee of its Taiwan subsidiary who was involved in the case, and said the company was cooperating with authorities. "As of now, based upon the findings of our internal investigation we have not confirmed any evidence of the respective confidential information shared to any third parties," it said in a statement.

Bruce66423 shares a report from the BBC: A man who is bringing a High Court challenge against the Metropolitan Police after live facial recognition technology wrongly identified him as a suspect has described it as "stop and search on steroids." Shaun Thompson, 39, was stopped by police in February last year outside London Bridge Tube station. Privacy campaign group Big Brother Watch said the judicial review, due to be heard in January, was the first legal case of its kind against the "intrusive technology." The Met, which announced last week that it would double its live facial recognition technology (LFR) deployments, said it was removing hundreds of dangerous offenders and remained confident its use is lawful. LFR maps a person's unique facial features, and matches them against faces on watch-lists. [...]

Mr Thompson said his experience of being stopped had been "intimidating" and "aggressive." "Every time I come past London Bridge, I think about that moment. Every single time." He described how he had been returning home from a shift in Croydon, south London, with the community group Street Fathers, which aims to protect young people from knife crime. As he passed a white van, he said police approached him and told him he was a wanted man. "When I asked what I was wanted for, they said, 'that's what we're here to find out'." He said officers asked him for his fingerprints, but he refused, and he was let go only after about 30 minutes, after showing them a photo of his passport.

Mr Thompson says he is bringing the legal challenge because he is worried about the impact LFR could have on others, particularly if young people are misidentified. "I want structural change. This is not the way forward. This is like living in Minority Report," he said, referring to the science fiction film where technology is used to predict crimes before they're committed. "This is not the life I know. It's stop and search on steroids. "I can only imagine the kind of damage it could do to other people if it's making mistakes with me, someone who's doing work with the community." Bruce66423 comments: "I suspect a payout of 10,000 pounds for each false match that is acted on would probably encourage more careful use, perhaps with a second payout of 100,000 pounds if the same person is victimized again."

The Chinese government "has embarked on an all-out drive to transform the technology from a remote concept to a newfangled reality, with applications on factory floors and in hospitals and government offices..." reports the Washington Post.

"[E]xperts say Beijing is pursuing an alternative playbook in an attempt to bridge the gap" with America: "aggressively pushing for the adoption of AI across the government and private sector." DeepSeek has been put to work over the last six months on a wide variety of government tasks. Procurement documents show military hospitals in Shaanxi and Guangxi provinces specifically requesting DeepSeek to build online consultation and health record systems. Local government websites describe state organs using DeepSeek for things like diverting calls from the public and streamlining police work. DeepSeek helps "quickly discover case clues and predict crime trends," which "greatly improves the accuracy and timeliness of crime fighting," a city government in China's Inner Mongolia region explained in a February social media post. Anti-corruption investigations — long a priority for Chinese leader Xi Jinping — are another frequent DeepSeek application, in which models are deployed to comb through dry spreadsheets to find suspicious irregularities. In April, China's main anti-graft agency even included a book called "Efficiently Using DeepSeek" on its official book recommendation list...

Alfred Wu, an expert on China's public governance at the National University of Singapore, said Beijing has disseminated a "top-down" directive to local governments to use AI. This is motivated, Wu said, by a desire to improve China's AI prowess amid a fierce rivalry with Washington by providing models access to vast stores of government data.

But not everyone is convinced that China has the winning hand, even as it attempts to push AI application nationwide. For one, China's sluggish economy will impact the AI industry's ability to grow and access funding, said Scott Singer [an expert on China's AI sector at the Carnegie Endowment for International Peace, who was attending the conference]... Others point out that local governments trumpeting their usage of DeepSeek is more about signaling than real technology uptake. Shen Yang, a professor at Tsinghua University's school of artificial intelligence, said DeepSeek is not being used at scale in anti-corruption work, for example, because the cases involve sensitive information and deploying new tools in these investigations requires long and complex approval processes.

A 21-year-old student who designed and distributed online kits linked to $175 million worth of fraud has been jailed for seven years. From a report: Ollie Holman created phishing kits that mimicked government, bank and charity websites so that criminals could harvest victims' personal information to defraud them. In one case a kit was used to mimic a charity's donation webpage so when someone tried to give money, their card details were taken and used by criminals.

Holman, of Eastcote in north-west London, created and supplied 1,052 phishing kits that targeted 69 organisations across 24 countries. He also offered tutorials in how to use the kits and built up a network of almost 700 connections. The fake websites supplied in the kits had features that allowed information such as login and bank details to be stored. It is estimated Holman received $405,000 from selling the kits between 2021 and 2023. The kits were distributed through the encrypted messaging service Telegram.

Massive mobile device tracking data has exposed the interconnected network of Myanmar's expanding scam centers, revealing how trafficked workers circulate between compounds despite February crackdowns. Analysis of 4.9 million location records from 11,930 mobile devices between January 2024 and May 2025 showed five devices visited all three major compounds -- Yatai New City, Apolo Park, and Yulong Bay Park -- plus the raided KK Park and Huanya Park facilities.

Workers are forced into romance scams, deceiving victims into believing they're in romantic relationships before extracting money. A South Asian man held six months at KK Park worked 16 hours daily conducting these online deceptions while enduring beatings and electric shocks for poor performance. Nikkei's investigation combined satellite imagery analysis, social media posts from Chinese platform Douyin, and open-source intelligence techniques to document continued construction at eight of 16 suspected sites. Myanmar authorities deported over 66,000 foreign nationals involved in these online fraud operations between October 2023 and June 2025.

alternative_right shares a report from France 24: A suspected administrator of a top Russian-language cybercrime forum, XSS.is, has been arrested in Ukraine with the help of French police and Europol, French prosecutors said on Wednesday. Industry experts describe XSS.is as one of the longest-running dark web forums. "On Tuesday July 22, a person suspected of being the administrator of the Russian-language cybercrime forum XSS.is was arrested as part of a criminal investigation opened by the Paris public prosecutor's office," Paris prosecutor Laure Beccuau said in a statement. "Active since 2013, this forum was one of the main hubs for global cybercrime. The forum also operated an encrypted Jabber messaging server, facilitating anonymous exchanges between cybercriminals."

"A judicial investigation was opened on November 9, 2021 on charges of complicity in attacks on an automated data processing system, organised extortion, and criminal conspiracy," Beccuau said. "The intercepted messages revealed numerous illicit activities related to cybercrime and ransomware, and established that they generated at least $7 million in profits."

Olof Kyros Gustafsson, former CEO of Escobar, pleaded guilty to fraud and money laundering charges related to the company's phone scam operation. The Department of Justice says Gustafsson took orders for phones branded with Pablo Escobar's likeness but failed to deliver products, instead transferring customer money for personal use.

When customers sought refunds, Gustafsson fraudulently referred payment processors to certificates of ownership as proof of delivery. The phones were Samsung devices with gold stickers. Gustafsson faces up to 20 years in prison and $1.3 million in restitution at his December 5th sentencing.