#china-linked-scams

#china-linked-scams

The man in his early twenties from a Paris suburb had been charged with 'terrorist criminal conspiracy' and remanded in custody. French counter-terrorism prosecutors suspect he asked teenagers to place an explosive device outside the US financial institution near the famed Champs-Elysees avenue.

Daniil Maksimovich Shchukin, 31, of Krasnodarskiy, Russia, led the two ransomware operations between early 2019 and mid-2021, involved in 130 extortion attempts.

Investigations found that Li Xiong, the former chairman of Huione Group under the Prince Group, is suspected of multiple crimes. Li was identified as a core member of Chen Zhi's criminal gang.

An undercover investigation, aired during China Central Television's annual consumer rights gala on March 15, examined how fabricated online content can shape AI-generated responses. According to the South China Morning Post, the report exposed a system called Liqing that was used to automatically publish large volumes of expert reviews, industry rankings, and user feedback for a non-existent fitness tracker called the Apollo-9.

Chinese users rushed to install OpenClaw on their devices, even forming long lines outside Tencent's headquarters in Shenzhen and Baidu's headquarters in Beijing to get engineers to help install the AI agent. Others paid strangers online to set it up for them.

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

The email seen by at least some customers of the Emma email platform was a phishing scam. Hackers hoped to inspire instant panic with the words, 'As part of our commitment to supporting U.S. Immigration and Customs Enforcement (ICE), we will be adding a Support ICE donation button to the footer of every email sent through our platform.'

Tycoon 2FA, a Phishing-as-a-Service (PhaaS) platform, enabled thousands of cybercriminals to steal login credentials and session tokens. Even accounts secured with MFA could be compromised via a single email. The service had been active since at least 2023 and quickly grew to become one of the most widely used phishing platforms in the world.

The attacker was using API calls to communicate with SaaS apps as command-and-control (C2) infrastructure to disguise their malicious traffic as benign, a common tactic used by threat actors when attempting to improve the stealth of their intrusions. Rather than abusing a weakness or security flaw, attackers rely on cloud-hosted products to function correctly and make their malicious traffic seem legitimate.