Snippings

xxx

North Korea-linked hacker organization Lazarus Group has stolen $3 billion in cryptocurrency over the past six years, according to a report by cybersecurity firm Recorded Future.
The report released on Thursday reveals that in 2022 alone, the group plundered $1.7 billion in cryptocurrency, likely to fund North Korean projects.
Blockchain data analysis firm Chainalysis indicates that out of this total, $1.1 billion was stolen from decentralized finance (DeFi) platforms.

From: Lazarus Group Stolen $3B in Cryptocurrency Likely to Fund North Korean Projects.

xxx

xxx

Fraud accounts for around 40% of all crime in England and Wales, with data from UK Finance showing almost 80% of all authorised pushed payment fraud originates from social media or a fake website.

From: World first agreement to tackle online fraud – GOV.UK.

xxx

xxx

Fraudsters can manipulate audio or video recordings to deceive employees or customers, enabling them to gain unauthorized access to sensitive information or carry out fraudulent transactions. In one case, AI voice cloning technology scammed a bank manager into initiating wire transfers worth $35 million. And an AI hologram was used to impersonate the COO of one of the world’s largest crypto exchanges on Zoom call, scamming another business into losing all their liquid funds.

From What are deepfakes and how do fraudsters use them? | Onfido.

xxx

xxx

The Waterloo researchers have developed a method that evades spoofing countermeasures and can fool most voice authentication systems within six attempts. They identified the markers in deepfake audio that betray it is computer-generated, and wrote a program that removes these markers, making it indistinguishable from authentic audio.

In a recent test against Amazon Connect’s voice authentication system, they achieved a 10 per cent success rate in one four-second attack, with this rate rising to over 40 per cent in less than thirty seconds. With some of the less sophisticated voice authentication systems they targeted, they achieved a 99 per cent success rate after six attempts.

From How secure are voice authentication systems really? | Waterloo News | University of Waterloo.

xxx

xxx

First and foremost, the digital euro will preserve the most valuable features of cash in the digital space, making it a true “digital banknote”. As legal tender, it would be usable throughout the euro area in all contexts, including e-commerce. Its offline mechanism will provide a cash-like level of privacy and increase our resilience. It will be free of charge for individuals. Its characteristics will support digital financial inclusion, including for people without bank accounts or smartphones.

From Money and payments in the digital age | Banque de France.

xxx

xxx

Fraud accounts for around 40% of all crime in England and Wales, with data from UK Finance showing almost 80% of all authorised pushed payment fraud originates from social media or a fake website.

From: World first agreement to tackle online fraud – GOV.UK.

xxx

xxx

Elven Big Tech firms and social media platforms have signed up to a UK Online Fraud Charter to combat rising levels of scams from fake adverts and romance fraud.

From: UK to bring tech firms to account under new Online Fraud Charter.

xxx

Under the new Charter the companies, which include Amazon, eBay, Facebook, Google, Instagram, LinkedIn, Match Group, Microsoft, Snapchat, TikTok, and YouTube, have pledged to verify new advertisers and “promptly” remove any fraudulent content.

Vitalik Buterin points to four key areas where new technology is improving the situation

It is generally understood among security professionals that the current state of computer security is pretty terrible. That said, it’s easy to understate the amount of progress that has been made. Hundreds of billions of dollars of cryptocurrency are available to anonymously steal by anyone who can hack into users’ wallets, and while far more gets lost or stolen than I would like, it’s also a fact that most of it has remained un-stolen for over a decade. Recently, there have been improvements:

Secure Elements. Trusted hardware chips inside of users’ phones, effectively creating a much smaller high-security operating system inside the phone that can remain protected even if the rest of the phone gets hacked. Among many other use cases, these chips are increasingly being explored as a way to make more secure crypto wallets.

Browsers as the de-facto operating system. Over the last ten years, there has been a quiet shift from downloadable applications to in-browser applications. This has been largely enabled by WebAssembly (WASM). Even Adobe Photoshop, long cited as a major reason why many people cannot practically use Linux because of its necessity and Linux-incompatibility, is now Linux-friendly thanks to being inside the browser. This is also a large security boon: while browsers do have flaws, in general they come with much more sandboxing than installed applications: apps cannot access arbitrary files on your computer.

Hardened operating systems. GrapheneOS for mobile exists, and is very usable. QubesOS for desktop exists; it is currently somewhat less usable than Graphene, at least in my experience, but it is improving.

Attempts at moving beyond passwords. Passwords are, unfortunately, difficult to secure both because they are hard to remember, and because they are easy to eavesdrop on. Recently, there has been a growing movement toward reducing emphasis on passwords, and making multi-factor hardware-based authentication actually work (ie, passkeys).

From My techno-optimism.

xxx

Vitalik Buterin made a very good point about this

xxx

The need to protect against spam has led to email becoming very oligopolistic in practice, making it very hard to self-host or create a new email provider.

From My techno-optimism.

xxx

Indeed, this is what happened to me. For years I ran a mail server for our family’s accounts but with increasing frequency it was attacked in various ways and used to send spam, which meant it kept getting blocked. It was time-consuming and exhausting so eventually I gave up and moved the accounts to Google.

xxx

Amit Kumar, Chief Technology Officer, Easebuzz says, “UPI QR code scams represent a common method employed by fraudsters to exploit individuals online. These scammers use enticing messages coupled with QR codes, tempting recipients with promises of rewards or cash. During online transactions, it’s essential to meticulously review deducted amounts for confirmation.”

From Rising UPI scam trend: Follow these tips to keep yourself safe from scammers | Mint.

xxx

While I have no real insights into Binance and their operations, I do read the news about them. This is why I saw Columbia Business School professor Omid Malekan’s comments that  Binance “did a reasonably decent job of onboarding tens of millions of poor, brown, and otherwise underprivileged people into the financial system”. I

Promoters plugged crypto as the key to accelerating Black America’s path to prosperity. It was going to level the playing field once and for all. The world of cryptocurrency was painted as a welcoming place for Black investors leery of traditional finance, a golden opportunity to build wealth and achieve financial empowerment. There was lots of talk of big returns, and few warnings of risks. Exuberance took hold.

But when markets began to crumble, Black people were left holding the bag.

From How the Crypto Hustle Carries on America’s Shameful History of Racial Inequality | Institute for New Economic Thinking.

xxx

 

xxx

Promoters plugged crypto as the key to accelerating Black America’s path to prosperity. It was going to level the playing field once and for all. The world of cryptocurrency was painted as a welcoming place for Black investors leery of traditional finance, a golden opportunity to build wealth and achieve financial empowerment. There was lots of talk of big returns, and few warnings of risks. Exuberance took hold.

But when markets began to crumble, Black people were left holding the bag.

From How the Crypto Hustle Carries on America’s Shameful History of Racial Inequality | Institute for New Economic Thinking.

xxx

 

xxx

“Using bitcoin prices around the time of transfers to crypto accounts as a proxy for investment price, we find that lower-income households bought crypto at substantially higher prices,” the report said.

From No, crypto isn’t the secret to building Black wealth. Here’s why. – The Washington Post.

xxx

 

xxx

Tonantzin Carmona, a Brookings Institute fellow who researches crypto’s impact on minority communities, said that for inexperienced investors, this sort of high-profile hype easily obscures crypto’s drawbacks.

Carmona considers crypto’s marketing to racial minorities part of a legacy of “predatory inclusion” in the tradition of payday loans and subprime mortgages — risky services that promise access to financing that would otherwise be out of reach.

From Black, Hispanic investors struggle with faith in crypto | AP News.

xxx