
$48M Bitcoin Heist: Phishing Scam Empties South Korea’s Seized Crypto

23 January 2026 at 21:00

South Korean authorities have come under scrutiny after a large stash of seized Bitcoin went missing during a routine check. The loss was discovered when officials found that some of the wallets that had been held as criminal evidence were empty.

According to multiple reports, the value of the missing Bitcoin is about 70 billion won, roughly $47.7–$48 million.

How Officials Found The Theft

Reports say the gap showed up during a routine audit of confiscated digital assets at the Gwangju District Prosecutors’ Office.

An internal check flagged transfers from wallets that had been marked as evidence, and investigators traced the movement back to external addresses. The office immediately opened an inquiry to determine how access was lost and whether any recovery is possible.

Initial findings point to a phishing scam as the trigger. According to local coverage, a staff member accessed a fraudulent website that impersonated a legitimate service, and that interaction exposed passwords and private keys.

Once the credentials were captured, the Bitcoin was moved out in transactions that cannot be reversed.

Security Lapses And USB Storage

Reports note that some of the access details for the seized assets were kept on portable drives rather than in hardened custody systems.

That practice appears to have made it easier for attackers to grab the keys once the phishing trap was sprung. Simple mistakes can cost millions when the asset is bearer-like and transfers are final.

The theft has raised hard questions about how state agencies handle crypto. Some experts say that the tools used by prosecutors were more suited to personal use than to government-level custody.

There are calls for stricter rules, multi-signature setups, and cold storage protocols that do not rely on easily copied passwords.

Tracing The Bitcoin

Blockchain records show the funds moving through several wallets after the initial transfer. That public trail gives investigators leads, but tracing tokens to a final cash-out point is often slow and requires cooperation from foreign exchanges and on-chain analytics firms. Reports say authorities are working with outside specialists to map the flow.

What Prosecutors Are Doing Next

The Gwangju prosecutors’ office has vowed a full probe, and officials are trying to reconstruct events step by step.

There are also signs that the incident will trigger a review of national procedures for holding seized digital property. Some lawmakers and legal experts have already called for clearer standards and oversight.

Featured image from Pexels, chart from TradingView

Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux

By: Amin Ayan
21 January 2026 at 10:40

Cryptocurrency hackers are exploiting trusted Linux software to steal digital assets, using a new technique that turns legitimate Snap Store packages into malware.

Key Takeaways:

  • Hackers are exploiting trusted Snap Store packages to steal cryptocurrency by hijacking existing publisher accounts.
  • The attacks rely on expired domains and email addresses to push malicious updates.
  • The incidents reveal weaknesses in the platform’s trust and security model.

Rather than creating fresh accounts on the Snap Store, which is operated by Canonical, attackers are now taking over existing publisher accounts, according to a warning from Ubuntu contributor and former Canonical developer Alan Pope.

The method relies on identifying expired web domains and email addresses linked to long-standing Snap Store developers, registering those domains, and then using the recovered access to hijack Snapcraft accounts.

Attackers Turn Legitimate Packages Malicious

Once inside, the attackers push malicious updates to packages that were previously benign, catching users off guard through automatic updates and long-established trust signals.

The Snap Store, like other major package repositories, has long been a target for malware campaigns.

Early efforts were relatively unsophisticated, with scammers publishing fake crypto wallet applications under newly created accounts.

When those attempts became easier to detect, attackers began disguising malicious apps using lookalike characters from other alphabets to evade filters.

According to Pope, the tactic then evolved into a bait-and-switch approach. Attackers would publish harmless software under neutral names such as “lemon-throw” or “alpha-hub,” often posing as simple games. After approval and a period of inactivity, a follow-up update would quietly introduce a fake crypto wallet designed to steal funds.

The latest development raises the stakes. In at least two confirmed cases, attackers took control of expired domains once owned by legitimate Snap publishers and used them to distribute wallet-stealing malware through automatic updates.

A new Snap Store scam campaign abuses expired publisher domains to bypass trust signals and deliver malicious app updates. https://t.co/nWL9HGXACe #Linux #OpenSource

- Linuxiac (@linuxiac), January 19, 2026

The affected applications appeared normal on the surface but were built to harvest wallet recovery phrases and transmit them to attacker-controlled servers.

By the time users noticed suspicious behavior, funds and sensitive data were already compromised.

Canonical has since removed the malicious snaps, but Pope warned that the response highlights deeper weaknesses in the platform’s trust model.

He said domain takeovers undermine publisher longevity as a safety signal and called for additional safeguards, including monitoring domain expirations, enforcing stronger account verification for dormant publishers, and requiring mandatory two-factor authentication.

Security Researcher Warns of Delayed Snap Store Takedowns

Pope also noted delays in removing reported malicious snaps, sometimes stretching over several days.

He advised users to exercise extra caution when installing cryptocurrency wallets on Linux and to consider downloading them directly from official project websites instead of app stores.

To help users assess risk, Pope created SnapScope, a web-based tool that flags snaps as suspicious or malicious before installation.

He also urged developers to keep domain registrations active and secure Snapcraft and email accounts with two-factor authentication.

According to Chainalysis, illicit cryptocurrency addresses received a record $154 billion in 2025, a sharp increase from the year before.

In another case, US prosecutors have charged a 23-year-old Brooklyn resident, Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users through an alleged phishing and social engineering scheme.

The post Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux appeared first on Cryptonews.

AI is wreaking havoc with scams, and it’s raising the bills for buyers

20 January 2026 at 18:11

As AI makes scams more convincing and easier to scale, small businesses are losing money at alarming rates, with those losses increasingly showing up in what buyers pay.

The post AI is wreaking havoc with scams, and it’s raising the bills for buyers appeared first on Digital Trends.

$100M Underground Remittance Network Using Crypto, WeChat Dismantled In South Korea

20 January 2026 at 00:00

Seoul investigators say they have disrupted a secret money-transfer network that moved roughly 150 billion won (about $102 million) into and out of South Korea using a mix of mobile payment apps and cryptocurrencies.

Reports say three people have been formally accused under the country’s foreign exchange laws after a probe that traced the scheme over several years.

How Money Moved Through Apps

According to the Korea Customs Service, the group collected money from customers using platforms like WeChat Pay and Alipay, then used those funds to buy virtual coins abroad.

Those coins were shifted into digital wallets in Korea and converted to Korean won through many bank accounts.

The pattern was basic and careful. Cash or mobile transfers arrived from overseas. Crypto purchases followed in multiple countries to avoid any one regulator seeing the full trail.

Finally, the funds were funneled into local accounts under different names. This took place over a long window, from September of 2021 until June of last year, investigators say.

Covering Tracks With Everyday Costs

According to reports, the ring hid the origin of money by dressing transfers up as ordinary expenses: payments for cosmetic surgery, fees for overseas study, and trade-related charges. Those labels made the flows look normal on paper and helped the group slip past routine checks.

Bank transfers were layered with small, seemingly legitimate payments. That made suspicious activity harder to spot until customs officers pieced together patterns across accounts and platforms.

At that point, the scope became clear: these were not isolated transfers but a linked series of transactions designed to wash large sums.

What Authorities Recovered

Investigators arrested and referred three Chinese nationals for prosecution, saying the suspects handled the bulk of the scheme’s operations.

Records show almost 150 billion won was moved in the period under review. Authorities have opened cases under the foreign exchange transactions law and are seeking to trace the remaining funds.

The case underlines how easy it can be for cross-border payment tools and crypto markets to be used together.

Regulators in Korea have been tightening rules for both mobile wallets and exchanges in recent months, and courts have allowed seizures of crypto assets in criminal probes. That legal backdrop helped the customs office act when the patterns surfaced.

Featured image from Dao Insights, chart from TradingView

Hackers Exploiting PDF24 App to Deploy Stealthy PDFSIDER Backdoor

19 January 2026 at 07:17
Resecurity has identified PDFSIDER malware that exploits the legitimate PDF24 App to covertly steal data and allow remote access. Learn how this APT-level campaign targets corporate networks through spear-phishing and encrypted communications.

Nigerian SEC Partners With Police To Tackle Crypto Ponzi Schemes – Details

17 January 2026 at 23:00

The Nigerian Securities and Exchange Commission (SEC) is maintaining an intense focus on the local cryptocurrency industry, as indicated by recent developments. While introducing minimum capital requirements for previously unregulated virtual asset service providers (VASPs), the securities regulator has also formed an alliance with the Nigeria Police Force (NPF) against cryptocurrency fraud, among other illegal operations.

Nigerian SEC Looks To Improve Crypto Investors’ Protection

According to local media Voice of Nigeria, the SEC is ramping up efforts aimed at investor protection and transparent market operations in the crypto ecosystem. In a recent meeting with the NPF, the Commission’s Director-General (DG), Dr. Emomotimi Agama, communicated to the Inspector General of Police (IGP), Kayode Egbetokun, concerns over malicious actors in the financial markets who exploit investors’ trust for personal gains.

Dr. Agama said:

They cloak their deceit in the glamorous but misunderstood language of cryptocurrency and forex trading. They target the vulnerable, the optimistic, and the simply unsuspecting, leaving behind a trail of shattered lives, depleted pensions, and broken trust. This is not just a financial crime; it is a social menace that erodes public confidence in our entire financial system.

Currently, there is a gap, a seam between identification and enforcement that these scammers exploit. Today, we aim to close that gap permanently.

In particular, the SEC DG is proposing the formation of a specialized SEC-NPF team with members who bring understanding of the financial principles and operations and the tactical intelligence to curb these investment frauds and protect the Nigerian cyberspace. The IGP approved the collaboration request while also stating a strong commitment to help the SEC achieve its aims.

Crypto Fraud In Nigeria

Notably, Nigerians have been victims of several cryptocurrency investment scams in the past few years. The most prominent of these is the Crypto Bridge Exchange (CBEX) platform, which crashed in April 2025, losing over N1.3 trillion ($916 million) in user funds.

The Nigerian SEC is strongly committed to reducing this menace, as shown by the recent collaboration with the NPF alongside other measures such as revised minimum capital requirements for VASPs and a published list of all identified fraudulent crypto and financial investment businesses.

Notably, Nigeria remains one of the fastest-growing crypto hubs globally. According to data from TripleA, approximately 10.34% of Nigeria’s population, i.e., 22 million people, hold one digital asset or another, indicating the need for an effective regulatory oversight and protection system.

Crypto Users Hit By 1,400% Surge In Impersonation Scams, Research Shows

14 January 2026 at 06:00

Impersonation scams exploded in 2025, growing by about 1,400% and driving some of the biggest losses seen in crypto fraud to date. According to analysis by Chainalysis, scammers used AI tools, voice cloning and fake customer-support schemes to scale up attacks, pushing total scam losses on chain into the low-double-digit billions.

Impersonation Scams Jump Dramatically

Reports have disclosed that the rise was not just in the number of cases but in how much each case cost victims. The average amount taken in impersonation schemes rose by over 600% compared with the prior year, a jump that turned many small cons into large heists. Chainalysis highlights the role of automated tooling and commercially available phishing services that let scammers run scams like factories.

Criminals Used AI And Deepfakes

Fraudsters leaned heavily on AI techniques in 2025. Based on reports, AI-generated voice and face clones, paired with very believable messages, helped criminals impersonate exchange staff, celebrities or close contacts. These methods increased both reach and success rates. Industry writeups and analysts show that AI-enabled scams were several times more profitable than older approaches.

A High-Profile Example Shows The Risk

One public example involved scammers posing as a major exchange and clearing nearly $16 million from victims in a single operation. That case became a headline because it showed how quickly an impersonation scam can turn into a mass theft when it uses polished fake identities and coordinated social engineering. Financial news outlets and industry trackers used that case to illustrate the shift in tactics.

Operations Became Industrialized

Based on Chainalysis data, scam groups now resemble small businesses. They outsource parts of the fraud chain: writing scripts, buying deepfake clips, and hiring money movers. This setup made fraud more efficient and harder to disrupt. One analysis found AI-assisted schemes were about 4.5 times more profitable than traditional scams, a gap that attackers exploited to level up operations quickly.

Estimates of total crypto scam losses for 2025 vary by outlet, but multiple sources put the number well into the billions. Some trackers reported $14 billion in funds stolen on chain, while Chainalysis noted the figure could be as high as $17 billion once more data is tallied. The difference reflects how quickly new incidents were discovered and how some thefts moved off public rails.

Featured image from Unsplash, chart from TradingView

Betterment Customer Data Exposed in Crypto Scam Hack

13 January 2026 at 03:51

The breach occurred through a compromised third-party marketing platform, allowing attackers to impersonate the trusted financial service.

The post Betterment Customer Data Exposed in Crypto Scam Hack appeared first on TechRepublic.

$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China

9 January 2026 at 05:59
Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group's global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud.

Cambodia’s $15B Crypto Scam Empire Collapses After Arrest

8 January 2026 at 04:50

Alleged scam kingpin Chen Zhi was arrested in Cambodia and extradited to China, bringing a dramatic close to one of Asia’s largest criminal networks.

The post Cambodia’s $15B Crypto Scam Empire Collapses After Arrest appeared first on TechRepublic.
