An anonymous reader quotes a report from 404 Media: Flock is one of the largest vendors of automated license plate readers (ALPRs) in the country. The company markets itself as having the goal to fully "eliminate crime" with the use of ALPRs and other connected surveillance cameras, a target experts say is impossible. [...] Flock and automated license plate reader cameras owned by other companies are now in thousands of neighborhoods around the country. Many of these systems talk to each other and plug into other surveillance systems, making it possible to track people all over the country.

"It went from me seeing 10 license plate readers to probably seeing 50 or 60 in a few days of driving around," [said Alabama resident and developer Will Freeman]. "I wanted to make a record of these things. I thought, 'Can I make a database of these license plate readers?'" And so he made a map, and called it DeFlock. DeFlock runs on Open Street Map, an open source, editable mapping software. He began posting signs for DeFlock (PDF) to the posts holding up Huntsville's ALPR cameras, and made a post about the project to the Huntsville subreddit, which got good attention from people who lived there. People have been plotting not just Flock ALPRs, but all sorts of ALPRs, all over the world. [...]

When I first talked to Freeman, DeFlock had a few dozen cameras mapped in Huntsville and a handful mapped in Southern California and in the Seattle suburbs. A week later, as I write this, DeFlock has crowdsourced the locations of thousands of cameras in dozens of cities across the United States and the world. He said so far more than 1,700 cameras have been reported in the United States and more than 5,600 have been reported around the world. He has also begun scraping parts of Flock's website to give people a better idea of where to look to map them. For example, Flock says that Colton, California, a city with just over 50,000 people outside of San Bernardino, has 677 cameras.

People who submit cameras to DeFlock have the ability to note the direction that they are pointing in, which can help people understand how these cameras are being positioned and the strategies that companies and police departments are using when deploying them. For example, all of the cameras in downtown Huntsville are pointing away from the downtown core, meaning they are primarily focused on detecting cars that are entering downtown Huntsville from other areas.

Major retailers are considering embedding radio-emitting threads into clothing as a novel anti-theft measure amid soaring retail crime rates, according to Bloomberg, citing industry sources. The technology, developed by Spanish firm Myruns, uses conductive ink derived from cellulose to create threads five times thinner than human hair that can trigger security alarms.

Zara owner Inditex has discussed implementing the system, though the company says it has no plans for in-store testing. Retail theft caused an estimated $73 billion in lost sales in the U.S. in 2022, according to the National Retail Federation, while UK losses doubled to $4.2 billion in 2023. The crisis has prompted retailers to increase security personnel and surveillance systems. The threadlike technology could provide an alternative to traditional metal-based security tags, potentially offering biodegradable and recyclable anti-theft protection.

An anonymous reader quotes a report from CBC News: The head of a company specializing in cryptocurrency was kidnapped and held for ransom in downtown Toronto during rush hour Wednesday. Police were called about a kidnapping in the area of University Avenue and Richmond Street W. just before 6 p.m., says a spokesperson with the Toronto Police Service. The suspects forced the victim into a vehicle and made a demand for money, the spokesperson said. The man was later located in Centennial Park in Etobicoke uninjured.

CBC Toronto has learned the victim is Dean Skurka, the president and CEO of Toronto-based financial firm WonderFi. He was released after a ransom of $1 million was paid electronically, a source close to the investigation said. Police say the investigation is ongoing and have not released any further details. [...] The alleged kidnapping happened the same day WonderFi released its third quarter earnings results, showing a 153 per cent increase compared to its third quarter in 2023.

During an operation across 95 countries from April to August 2024, Interpol arrested 41 individuals and dismantled over 1,000 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime. BleepingComputer reports: Interpol said its enforcement action was backed by intelligence provided by private cybersecurity firms like Group-IB, Kaspersky, Trend Micro, and Team Cymru, leading to the identification of over 30,000 suspicious IP addresses. Eventually, roughly 76% of those were taken down, 59 servers were seized, and 43 electronic devices were confiscated, which will be examined to retrieve additional evidence. In addition to the 41 individuals who were arrested, the authorities are also investigating another 65 persons suspected of associating with illicit activities.

Cybercriminals have breached dozens of major companies including AT&T, Ticketmaster and Hot Topic by exploiting "infostealer" malware that harvests login credentials from infected computers, an investigation has found. The malware, spread through pirated software and social media, has infected 250,000 new devices daily, according to cybersecurity firm Recorded Future. Russian developers create the malware while contractors distribute it globally, deliberately avoiding former Soviet states. Hot Topic suffered potentially the largest retail hack ever in October when attackers accessed 350 million customer records using stolen developer credentials. Google and Microsoft are racing to patch vulnerabilities, but malware makers quickly adapt to new security measures.

Former FTX executive Nishad Singh was ordered to forfeit $11 billion, reports CNBC — and is subject to three years of supervised release, making him "the fourth ex-employee of the collapsed crypto exchange to be punished."

But while he'd faced a maximum sentence of 75 years, he'll serve no time, according to this report from the Associated Press: Singh, the company's former engineering director, was sentenced in Manhattan by Judge Lewis A. Kaplan, who said his cooperation was "remarkable." The judge noted that Singh did not learn of the billions of dollars that were misappropriated from FTX customer accounts and investors until two months before the fraud unraveled... Singh, 29, testified a year ago at Bankman-Fried's trial, saying he was "blindsided and horrified" when he saw the extent of the fraud behind the once-celebrated and seemingly pioneering firm. At sentencing, Singh said he was "overwhelmed with remorse" for his role in the fraud. "I strayed so far from my values, and words can't express how sorry I am," he said....

The sentencing came a month after Caroline Ellison, another key witness at Bankman-Fried's trial and a former top executive in his cryptocurrency empire, was sentenced to two years in prison. At the time, Kaplan praised her cooperation but said it wasn't a get-out-of-jail-free card. On Wednesday, Kaplan drew a distinction between the cooperation by Ellison and Singh's work with prosecutors, saying Ellison had participated in the fraud "from the beginning" and had been aware of all the wrongdoing for years... [Defense attorney Andrew Goldstein] said leniency would encourage future cooperators in other criminal cases to come forward.

Assistant U.S. Attorney Nicolas Roos credited Singh with providing information within weeks of the fraud being publicly revealed, saying he helped prosecutors learn about crimes they might otherwise have never discovered, including his own. Roos said, for instance, that Singh told prosecutors about campaign finance violations that occurred as FTX executives made tens of millions of dollars in donations to political candidates. The prosecutor also said Singh revealed private conversations with Bankman-Fried that strengthened the government's case and enabled it to bring charges more quickly against multiple people. Singh gave prosecutors "documentary evidence the government did not have and likely never would have had," Roos said.
Bankman-Fried, of course, began a 25-year sentence last November. And three weeks ago FTX executive Ryan Salame made an update on his LinkedIn profile. "I'm happy to share that I'm starting a new position as Inmate at FCI Cumberland!"

"His post quickly went viral," notes CNN, "prompting Salame to joke on X: "Today I learned people still use LinkedIn."

Jay Newman, who made billions for Elliott Management pursuing Argentina's defaulted debt, wrote a 2022 thriller about corrupt spies and hedge funds. Now federal prosecutors are examining parallels between his novel "Undermoney" and real-world events.

The investigation centers on Amit Forlit, an Israeli private investigator facing U.S. extradition charges for alleged email theft from Argentine officials during Elliott's sovereign debt battle. Prosecutors are probing whether Forlit's alleged $20 million hacking operation aided Elliott's eventual $2.2 billion settlement with Argentina. "There's not that much fiction in 'Undermoney,'" Newman told interviewers while promoting the book, which features Israeli operatives and hedge fund intrigue. Newman and Elliott deny any wrongdoing, with Newman calling suggestions of illegal activity "categorically false."

The probe is examining $20 million paid to a Forlit-controlled company via a consulting firm that worked for Elliott, according to court statements and people familiar with the matter. Forlit denied involvement in hacking during a 2022 deposition. Prosecutors are also investigating Forlit's work for ExxonMobil regarding climate change critics. Neither Elliott nor ExxonMobil has been accused of wrongdoing. Newman, who left Elliott in 2016 with a $70 million bonus after the Argentina settlement, met regularly with Forlit to discuss the Argentine case, WSJ has reported. His novel follows dark money trails through Washington power corridors and Wall Street trading floors, featuring Israeli operatives described as "expensive, but consistent."

The feds have indicted Aleksei Andriunin, a 26-year-old Russian national and founder of Gotbit, on charges of wire fraud and conspiracy to commit market manipulation. Crypto News reports: According to the U.S. Attorney's Office, the indictment alleges that Andriunin and his firm participated in a long-running scheme to artificially boost trading volumes for various cryptocurrency companies, including some based in the United States, to make them appear more popular and increase their trading value. Andriunin allegedly led these activities between 2018 and 2024 as Gotbit's CEO. He could face up to 20 years in prison, additional fines, and asset forfeiture if convicted, according to the U.S. Attorney's Office. Prosecutors say the scheme involved "wash trading," where the firm used its software to make fake trades that inflated a cryptocurrency's trading volume. This practice, called market manipulation, can mislead investors by giving the impression that demand for a particular cryptocurrency is higher than it actually is. Wash trades are illegal in traditional finance and are considered fraudulent because they deceive investors and manipulate market behavior.

Court documents also identify Gotbit's two directors, Fedor Kedrov and Qawi Jalili, as co-conspirators. The indictment claims Gotbit documented these activities in detailed records, tracking differences between genuine and artificial trading volumes. The firm allegedly pitched these services to prospective clients, explaining how Gotbit's tactics would bypass detection on public blockchains, where transactions are recorded transparently. The U.S. Department of Justice has announced that it seized over $25 million worth of cryptocurrency assets connected to these schemes and made four arrests across multiple firms. If you've been following the crypto industry, you're probably familiar with "pump-and-dump" schemes that have popped up throughout the years. Although it's a form of market manipulation, it's not quite the same as "wash trading."

In a pump-and-dump scheme, the perpetrator artificially inflates the price of a security (often a low-priced or thinly traded stock) by spreading misleading or exaggerated information to attract other buyers, who then drive up the price. Once the price has risen due to increased demand, the manipulators "dump" their shares at the inflated price, selling to the new buyers and pocketing the profits. The price typically crashes after the dump, leaving unsuspecting investors with overvalued shares and significant losses.

Wash trading, on the other hand, involves simultaneously buying and selling of the same asset to create the illusion of higher trading volume and activity. The purpose is to mislead other investors about the asset's liquidity and demand, often giving the impression that it is more popular or actively traded than it actually is. Wash trades usually occur without real changes in ownership or price movement, as the buyer and seller may even be the same person or entity. This tactic can manipulate prices indirectly by creating a perception of interest, but it does not involve a direct inflation followed by a sell-off, like a pump-and-dump scheme.

JPMorgan Chase is suing customers who exploited an ATM glitch that allowed them to withdraw funds before a check bounced. CNBC reports: The bank on Monday filed lawsuits in at least three federal courts, taking aim at some of the people who withdrew the highest amounts in the so-called infinite money glitch that went viral on TikTok and other social media platforms in late August. [...] JPMorgan, the biggest U.S. bank by assets, is investigating thousands of possible cases related to the "infinite money glitch," though it hasn't disclosed the scope of associated losses. Despite the waning use of paper checks as digital forms of payment gain popularity, they're still a major avenue for fraud, resulting in $26.6 billion in losses globally last year, according to Nasdaq's Global Financial Crime Report.

The infinite money glitch episode highlights the risk that social media can amplify vulnerabilities discovered at a financial institution. Videos began circulating in late August showing people celebrating the withdrawal of wads of cash from Chase ATMs shortly after bad checks were deposited. Normally, banks only make available a fraction of the value of a check until it clears, which takes several days. JPMorgan says it closed the loophole a few days after it was discovered.

The lawsuits are likely to be just the start of a wave of litigation meant to force customers to repay their debts and signal broadly that the bank won't tolerate fraud, according to the people familiar. JPMorgan prioritized cases with large dollar amounts and indications of possible ties to criminal groups, they said. The civil cases are separate from potential criminal investigations; JPMorgan says it has also referred cases to law enforcement officials across the country. "Fraud is a crime that impacts everyone and undermines trust in the banking system," JPMorgan spokesman Drew Pusateri said in a statement to CNBC. "We're pursuing these cases and actively cooperating with law enforcement to make sure if someone is committing fraud against Chase and its customers, they're held accountable."

"In the early hours of Thursday, March 23, 2023, residents in the German town of Kronberg were woken from their sleep by several explosions," reports CNN .

"Criminals had blown up an ATM located below a block of flats in the town center..." According to local media reports, witnesses saw people dressed in dark clothing fleeing in a black car towards a nearby highway. During the heist, thieves stole 130,000 euros in cash. They also caused an estimated half a million euros worth of collateral damage, according to a report by Germany's Federal Criminal Police Office, BKA.

Rather than staging dramatic and risky bank robberies, criminal groups in Europe have been targeting ATMs as an easier and more low-key target. In Germany — Europe's largest economy — thieves have been blowing up ATMs at a rate of more than one per day in recent years. In a country where cash is still a prevalent payment method, the thefts can prove incredibly lucrative, with criminals pocketing hundreds of thousands of euros in one attack.

Europol has been cracking down on the robberies, carrying out large cross-border operations aimed at taking down the highly-organized criminal gangs behind them. Earlier this month, authorities from Germany, France and the Netherlands arrested three members of a criminal network who have been carrying out attacks on cash machines using explosives, Europol said in a statement. Since 2022, the detainees are believed to have looted millions of euros and run up a similar amount in property damage, from 2022 to 2024, Europol said...

Unlike its European neighbors, who largely transitioned away from cash payments due to the Covid-19 pandemic, cash still plays a significant role in Germany. One half of all transactions in 2023 were made using banknotes and coins, according to Bundesbank. Germans have a cultural attachment to cash, traditionally viewing it as a safe method of payment. Some say it allows a greater level of privacy, and gives them more control over their expenses.

A government-controlled wallet that had been drained of $20 million on Thursday received most of its funds back Friday, adding another layer of mystery to transactions flagged by blockchain analysts as likely being connected to a high-profile theft. From a report: The pseudonymous blockchain sleuth ZachXBT had said in a tweet Thursday that the transfers resembled the playbook of a bad actor. Engaging with several decentralized finance protocols, the wallet had also tapped so-called instant exchanges after funds were moved across a series of transfers that "looked nefarious." About $19.3 million worth of funds had been returned to the wallet early Friday, per on-chain data collected by Arkham Intelligence, including Ethereum and the stablecoin USDC. Still, ZachXBT said in his Telegram community that funds transferred to exchanges had not yet been returned.

An anonymous reader quotes a report from Hackread: The United States Department of Justice (DoJ) has indicted two Sudanese nationals for their alleged role in operating the hacktivist group Anonymous Sudan. The group claimed fame for conducting "tens of thousands" of large-scale and crippling Distributed Denial of Service attacks (DDoS attacks) targeting critical infrastructure, corporate networks, and government agencies globally. Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27, stand accused of conspiracy to damage protected computers. Ahmed Salah faces additional charges for damaging protected computers. The duo is believed to have controlled Anonymous Sudan, which, since early 2023, launched attacks on high-profile entities such as ChatGPT, UAE's Flydubai Airline, London Internet Exchange, Microsoft, and the Israeli BAZAN Group.

The group and its clients also utilized the Distributed Cloud Attack Tool (DCAT) to conduct over 35,000 DDoS attacks. These attacks targeted sensitive government and critical infrastructure in the U.S. and globally, including the Department of Justice, Department of Defense, FBI, State Department, and Cedars-Sinai Medical Center in Los Angeles. The attacks, which sometimes lasted days, reportedly caused major damage, often crippling websites and networks. For instance, the attack on Cedars-Sinai Medical Center forced the redirection of incoming patients for eight hours, causing over $10 million in damages to U.S. victims.

An anonymous reader quotes a report from CBC News: The murder trial of a tech consultant in the stabbing death of Cash App founder Bob Lee begins Monday, a year and a half after the widely admired entrepreneur was found staggering on a deserted downtown San Francisco street seeking help. Lee's death at age 43 stunned the tech community, and fellow executives and engineers penned tributes to his generosity and brilliance. Lee was chief product officer of cryptocurrency platform MobileCoin when he died. He was a father to two children.

Prosecutors say Nima Momeni, 40, planned the April 4 attack after a dispute over his younger sister, Khazar, with whom Lee was friends. They say Momeni took a knife from his sister's condo, drove Lee to a secluded area and stabbed him three times, then fled. Defence lawyers disagree, and they say that Lee, high on drugs, attacked Momeni. "Our theory is that Bob had the knife, and that Nima acted in self defence," attorney Saam Zangeneh said.

He said his client is eager to tell his side of the story, but they haven't decided whether Momeni will testify in his defence. Momeni, who lives in nearby Emeryville, Calif., has been in custody since his arrest days after Lee died at a San Francisco hospital. Momeni's mother has been a steadfast presence at court hearings, and he is close to his sister. [...] Momeni, who has pleaded not guilty, faces 26 years to life if convicted. San Francisco Superior Court Judge Alexandra Gordon has told jurors the trial could last until mid-December.

The Wall Street Journal delves into the origin story of that teenaged Grand Theft Auto VI leaker. Arion Kurtaj, now 19 years old, is the most notorious name that has emerged from a sprawling set of online communities called the Com... Their youthful inventiveness and tenacity, as well as their status as minors that make prosecution more complicated, have made the Com especially dangerous, according to law-enforcement officials and cybersecurity investigators. Some kids, they say, are recruited from popular online spaces like Minecraft or Roblox.... [William McKeen, a supervisory special agent with the FBI's Cyber Division] said the average age of anyone arrested for a crime in the U.S. is 37, while the average age of someone arrested for cybercrime is 19. Cybersecurity investigators have found posts they say suggest Kurtaj has been involved in online attacks since he was 11.
"He had limited social skills and trouble developing relationships, records say — and ultimately looked for approval in the booming world of cybercrime..." [When Kurtaj was 14] he landed in a residential school serving children with severe emotional and behavioral needs. Kurtaj was physically assaulted by a staff member at his school who was later convicted as a result, according to a person familiar with the case. In early 2021, his mother brought him home and removed him from government care, court records say. He never returned to school. He was 16.

A month after his mother pulled him out of school, investigators say that Kurtaj was part of a hacking group called Recursion Team that broke into the videogame firm Electronic Arts and stole 780 gigabytes of data. When Electronic Arts refused to engage, they dumped the stolen data online. Within a week of that hack, investigators had identified Kurtaj and provided his name to the FBI. Later in that summer of 2021, according to court records, Kurtaj partnered with another teenager, known as ASyntax, and several Brazilian hackers, and started calling themselves Lapsus$. The group hacked into the British telecommunications giant BT in an effort to steal money using a technique called SIM swapping... The hacks weren't always for money. In late 2021, Lapsus$ hacked into a website operated by Brazil's Ministry of Health and deleted the country's database of Covid vaccinations, according to law enforcement...

If the Com has a social center, it's a website called Doxbin, where users publish personal details, such as home addresses and phone numbers, of their online rivals in an attempt to intimidate each other. Kurtaj bought Doxbin in November 2021 for $75,000, according to Chainalysis. But after a few months, the previous owners accused Kurtaj of mismanaging the site and pressured him to sell it back. He relented. Then in January 2022, cybersecurity investigators say, he doxxed the entire site, publishing a database that included usernames, passwords and email addresses that he'd downloaded when he was the owner. For cybersecurity experts, it was a gold mine. "It helped investigators piece together which crimes were done by who," said Allison Nixon, chief research officer at Unit 221B, an online investigations firm.

Doxbin's owners responded with a dox of Kurtaj and his family, including his home address and photos of him, investigators say — setting up the chain of events that would put Kurtaj in the Travelodge.
After two weeks of "protective custody" there — during which time he was supposed to be computer-free — Kurtaj "was arrested a third time and charged with hacking, fraud and blackmail. Authorities said that while at the Travelodge, he broke into Uber and taunted the company by posting a link to a photo of an erect penis on the company's internal Slack messaging system, then stole software and videos from Rockstar Games. Stolen clips had popped up in a Grand Theft Auto discussion forum from a user named teapotuberhacker and stirred a frenzy.

"As officers collected evidence, the teen stood by, emotionless, police say...."

"Kurtaj's lawyers and some experts on autism have said a potential lifetime of incarceration isn't appropriate for a teenager like Kurtaj..."

Thanks to long-time Slashdot reader SpzToid for sharing the article.

Formed in 2021 by cybersecurity professionals (and backed by high-powered VCs including Dell Technologies Capital), Halcyon sells an enterprise-grade anti-ransomware platform.

And this month they announced they're offering protection against ransomware attacks targeting Linux systems, according to Linux magazine: According to Cynet, Linux ransomware attacks increased by 75 percent in 2023 and are expected to continue to climb as more bad actors target Linux deployments... "While Windows is the favorite for desktops, Linux dominates the market for supercomputers and servers."
Here's how Halcyon's announcement made their pitch: "When it comes to ransomware protection, organizations typically prioritize securing Windows environments because that's where the ransomware operators were focusing most of their attacks. However, Linux-based systems are at the core of most any organization's infrastructure, and protecting these systems is often an afterthought," said Jon Miller, CEO & Co-founder, Halcyon. "The fact that Linux systems usually are always on and available means they provide the perfect beachhead for establishing persistence and moving laterally in a targeted network, and they can be leveraged for data theft where the exfiltration is easily masked by normal network traffic. As more ransomware operators are developing the capability to target Linux systems alongside Windows, it is imperative that organizations have the ability to keep pace with the expanded threat."

Halcyon Linux, powered through the Halcyon Anti-Ransomware Platform, uniquely secures Linux-based systems offering comprehensive protection and rapid response capabilities... Halcyon Linux monitors and detects ransomware-specific behaviors such as unauthorized access, lateral movement, or modification of critical files in real-time, providing instant alerts with critical context... When ransomware is suspected or detected, the Halcyon Ransomware Response Engine allows for rapid response and action.... Halcyon Data Exfiltration Protection (DXP) identifies and blocks unauthorized data transfers to protect sensitive information, safeguarding the sensitive data stored in Linux-based systems and endpoints...

Halcyon Linux runs with minimal resource impact, ensuring critical environments such as database servers or virtualized workloads, maintain the same performance.
And in addition, Halcyon offers "an around the clock Threat Response team, reviewing and responding to alerts," so your own corporate security teams "can attend to other pressing priorities..."

The FBI created a cryptocurrency as part of an investigation into price manipulation in crypto markets, the government revealed on Wednesday. From a report: The FBI's Ethereum-based token, NexFundAI, was created with the help of "cooperating witnesses." As a result of the investigation, the Securities and Exchange Commission charged three "market makers" and nine people for allegedly engaging in schemes to boost the prices of certain crypto assets. The Department of Justice charged 18 people and entities for "widespread fraud and manipulation" in crypto markets.

The defendants allegedly made false claims about their tokens and executed so-called "wash trades" to create the impression of an active trading market, prosecutors claim. The three market makers -- ZMQuant, CLS Global, and MyTrade -- allegedly wash traded or conspired to wash trade on behalf of NexFundAI, an Ethereum-based token they didn't realize was created by the FBI.

"What the FBI uncovered in this case is essentially a new twist to old-school financial crime," Jodi Cohen, the special agent in charge of the FBI's Boston division, said in a statement. "What we uncovered has resulted in charges against the leadership of four cryptocurrency companies, and four crypto 'market makers' and their employees who are accused of spearheading a sophisticated trading scheme that allegedly bilked honest investors out of millions of dollars."

Porch pirates across the country for months have been snatching FedEx packages that contain AT&T iPhones -- within minutes or even seconds of delivery. From a report: The key to these swift crimes, investigators say: The thieves are armed with tracking numbers. Another factor that makes packages from AT&T particularly vulnerable is that AT&T typically doesn't require signature on delivery. Doorbell camera videos show the thefts in New York, Pennsylvania, Delaware, Virginia, Michigan, Georgia, Florida and Texas. The details are similar: A FedEx driver drops off a box with an iPhone from AT&T. Then a person walks up -- sometimes wearing an Amazon delivery vest -- and plucks the package off the front step. The heist can be so quick that in some videos, the FedEx driver and thief cross paths.

"They know what's getting delivered and the location," said Detective Lt. Matt Arsenault from the Gardner Police Department in Massachusetts, which is investigating several recent thefts. "They meet the delivery driver at the front door and take it." Since the pandemic, parcel carriers have reported a rise in porch thefts as workers have returned to offices and fewer people are home during the day to receive packages. Now, a spate of thefts that began a few months ago is targeting FedEx deliveries for AT&T. The two companies said they were working with law enforcement to investigate, and declined to disclose how many such packages have been stolen.

An anonymous reader shared this report from the Washington Post: Hundreds of Americans have been arrested after being connected to a crime by facial recognition software, a Washington Post investigation has found, but many never know it because police seldom disclose their use of the controversial technology...

In fact, the records show that officers often obscured their reliance on the software in public-facing reports, saying that they identified suspects "through investigative means" or that a human source such as a witness or police officer made the initial identification... The Coral Springs Police Department in South Florida instructs officers not to reveal the use of facial recognition in written reports, according to operations deputy chief Ryan Gallagher. He said investigative techniques are exempt from Florida's public disclosure laws... The department would disclose the source of the investigative lead if it were asked in a criminal proceeding, Gallagher added....

Prosecutors are required to inform defendants about any information that would help prove their innocence, reduce their sentence or hurt the credibility of a witness testifying against them. When prosecutors fail to disclose such information — known as a "Brady violation" after the 1963 Supreme Court ruling that mandates it — the court can declare a mistrial, overturn a conviction or even sanction the prosecutor. No federal laws regulate facial recognition and courts do not agree whether AI identifications are subject to Brady rules. Some states and cities have begun mandating greater transparency around the technology, but even in these locations, the technology is either not being used that often or it's not being disclosed, according to interviews and public records requests...

Over the past four years, the Miami Police Department ran 2,500 facial recognition searches in investigations that led to at least 186 arrests and more than 50 convictions. Among the arrestees, just 1 in 16 were told about the technology's use — less than 7 percent — according to a review by The Post of public reports and interviews with some arrestees and their lawyers. The police department said that in some of those cases the technology was used for purposes other than identification, such as finding a suspect's social media feeds, but did not indicate in how many of the cases that happened. Carlos J. Martinez, the county's chief public defender, said he had no idea how many of his Miami clients were identified with facial recognition until The Post presented him with a list. "One of the basic tenets of our justice system is due process, is knowing what evidence there is against you and being able to challenge the evidence that's against you," Martinez said. "When that's kept from you, that is an all-powerful government that can trample all over us."

After reviewing The Post's findings, Miami police and local prosecutors announced plans to revise their policies to require clearer disclosure in every case involving facial recognition.
The article points out that Miami's Assistant Police Chief actually told a congressional panel on law enforcement AI use that his department is "the first to be completely transparent about" the use of facial recognition. (When confronted with the Washington Post's findings, he "acknowledged that officers may not have always informed local prosecutors [and] said the department would give prosecutors all information on the use of facial recognition, in past and future cases".

He told the Post that the department would "begin training officers to always disclose the use of facial recognition in incident reports." But he also said they would "leave it up to prosecutors to decide what to disclose to defendants."

"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."

That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."

Forbes reports: Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.

When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.
"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult." [A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...

The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.
The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."

"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."

This week the U.S. Attorney's Office for the Southern District of New York unsealed charges over a "scheme to commit fraud" in carbon markets, which they say fraudulently netted one company "tens of millions of dollars" worth of credits — which led to "securing an investment of over $100 million."

MarketWatch reports: Ken Newcombe had spent years building a program to distribute more environmentally friendly cookstoves for free to rural communities in Africa and Southeast Asia. The benefit for his company, C-Quest Capital, would be the carbon credits it would receive in exchange for reducing the amount of fuel people burned in order to cook food — credits the company could then sell for a profit to big oil companies like BP.

But when Newcombe tried to ramp up the program, federal prosecutors said in an indictment made public Wednesday, he quickly realized that the stoves wouldn't deliver the emissions savings he had promised investors. Rather than admit his mistake, he and his partners cooked the books instead, prosecutors said... That allowed them to obtain carbon credits worth tens of millions of dollars that they didn't deserve, prosecutors said. On the basis of the fraudulently gained credits, prosecutors said, C-Quest was able to secure $250 million in funding from an outside investor.

"The alleged actions of the defendants and their co-conspirators risked undermining the integrity of [the global market for carbon credits], which is an important part of the fight against climate change," said Damian Williams, the U.S. attorney for the Southern District of New York.
From announced by the U.S. Attorney's Office: U.S. Attorney Damian Williams said... "The alleged actions of the defendants and their co-conspirators risked undermining the integrity of that market, which is an important part of the fight against climate change. Protecting the sanctity and integrity of the financial markets continues to be a cornerstone initiative for this Office, and we will continue to be vigilant in rooting out fraud in the market for carbon credits...."

While most carbon credits are created through, and trade in compliance markets, there is also a voluntary carbon market. Voluntary markets revolve around companies and entities that voluntarily set goals to reduce or offset their carbon emissions, often to align with goals from employees or shareholders. In voluntary markets, the credits are issued by non-governmental organizations, using standards for measuring emission reductions that they develop based on input from market participants, rather than on mandates from governments. The non-governmental organizations issue voluntary carbon credits to project developers that run projects that reduce emissions or remove greenhouse gases from the atmosphere.

CQC was a for-profit company that ran projects to generate carbon credits — including a type of credit known as a voluntary carbon unit ("VCU") — by reducing emissions of greenhouse gases. CQC profited by selling VCUs it obtained, often to companies seeking to offset the impact of greenhouse gases they emit in the course of operating their businesses.
The company itself was not charged due to "voluntary and timely self-disclosure of misconduct," according to the announcement, along with "full and proactive cooperation, timely and appropriate remediation, and agreement to cancel or void certain voluntary carbon units.