Author: DA Gadgets

A Chinese national has been convicted of playing a key role in what is believed to be the single largest cryptocurrency seizure in the world, worth more than £5.5bn ($7.4bn).

Zhimin Qian, also known as Yadi Zhang, pleaded guilty on Monday at Southwark Crown Court, London of illegally acquiring and possessing the cryptocurrency.

Between 2014 and 2017, she led a large-scale scam in China by cheating more than 128,000 victims and storing the stolen funds in bitcoin assets, the Metropolitan Police said in a statement.

The Met said the 47-year-old’s guilty plea follows a seven-year probe into a global money laundering web.

Qian had been “evading justice” for five years up to her arrest, which required a complex investigation involving multiple jurisdictions, said Detective Sergeant Isabella Grotto, who led the Met’s investigation.

She fled China using false documents and entered the UK, where she attempted to launder the stolen money by buying property, said the Met.

She had help from another Chinese national, Jian Wen. The former takeaway worker was jailed for six years and eight months last year for her part in the criminal operation.

“Bitcoin and other cryptocurrencies are increasingly being used by organised criminals to disguise and transfer assets, so that fraudsters may enjoy the benefits of their criminal conduct,” said Robin Weyell, deputy chief Crown prosecutor for the Crown Prosecution Service.

“This case, involving the largest cryptocurrency seizure in the UK, illustrates the scale of criminal proceeds available to those fraudsters.”

Monday’s conviction marks the “culmination of years of dedicated investigation”, which has involved the police and Chinese law enforcement teams, said Will Lyne, the Met’s Head of Economic and Cybercrime Command.

The Crown Prosecution Service (CPS) is working to ensure the fraudsters do not get hold of the stolen funds, the statement added.

The CPS said last year that many of the victims had some of their money returned to under a compensation scheme established in China.

Qian is being held in custody ahead of sentencing. The date of her sentencing has yet to be fixed.

Hackers holding pictures and private data of thousands of nursery children and their families to ransom say they will publish more information online unless they are paid.

Criminals calling themselves Radiant hacked the Kido nursery chain and posted profiles of 10 children online on Thursday and a further 10 on Friday.

They have also published the private data of dozens of employees including names, addresses, national insurance numbers and contact details.

Kido has not responded to the BBC’s requests for comment. But it is working with the authorities and the Met Police is investigating.

Speaking on BBC News the former head of the National Cyber Security Centre, Ciaran Martin, described the criminals’ actions as “absolutely horrible”.

But he also urged calm.

“The hackers are trying to stoke up fear and the risk of physical harm to children is extremely low,” he said.

Kido told parents the breach happened when criminals accessed their data hosted by a software service called Famly.

The software is widely used by other nurseries and childcare organisations, and it says on its website it is used by more than one million “owners, managers, practitioners and families”.

“This malicious attack represents a truly barbaric new low, with bad actors trying to expose our youngest children’s data to make a quick buck,” Famly boss Anders Laustsen told the BBC.

“We have conducted a thorough investigation of the incident and can confirm that there has been no breach of Famly’s security or infrastructure in any way and no other customers have been affected.

“We of course take data security and privacy extremely seriously.”

The criminals’ site contains a gallery of 20 children with their nursery pictures, date of births, birthplace and details – such as who they live with and contact details.

Parents have contacted the BBC concerned about the hack, with one mother receiving a threatening phone call from the criminals.

The woman, who did not want to be named, says she received a phone call from the hackers who said they would post her child’s information online unless she put pressure on Kido to pay a ransom.

The mother described the call as “threatening”.

Another parent, Stephen Gilbert, told the Today programme on BBC Radio 4 that someone in his parent’s WhatsApp group also received a call.

“The revelation the children’s details could have been put on the dark web, that’s very concerning and alarming for me.”

But Sean, who has a child at the Kido nursery in Tooting, contacted BBC News to say he sympathises with the staff there.

“We’re in the digital age now where everything’s online and I think you go into this knowing that there is a risk that at some point this could happen,” he said.

“Any parents that are getting angry should probably direct their anger towards the scumbags that have actually done it.

“You only see the people that run your nursery, and all of them are great. And these poor people are the ones getting the brunt of it on the front line.”

Cyber criminals have been known to make calls to victim organisations to put pressure on them to pay ransoms.

But to call individual victims is extremely rare.

In conversations through the messaging app Signal the fluent English-speaking criminals told the BBC English is not their first language and claimed they hired people to make the calls.

It’s a sign of the callousness of the criminals but also a sign of desperation as it appears Kido is not complying.

Police advice is to never pay hacker ransoms as it encourages the criminal ecosystem.

The hackers first contacted the BBC about their breach on Monday.

After they published the first batch of children’s’ data online the BBC asked if they feel guilty about their distressing actions and the criminals said: “We do it for money, not for anything other than money.”

“I’m aware we are criminals,” they said.

“This isn’t my first time and will not be my last time.”

But they also said they would not be targeting pre-schools again as the attention has been too great.

They have since deleted their Signal account and can no longer be contacted.

Additional reporting by James Kelly and Mary Litchfield.

Microsoft has cut off some services to a unit of Israel’s Ministry of Defence after an investigation found its technology had been used to conduct mass surveillance on people in Gaza.

Brad Smith, president of the company, said using the firm’s technology to conduct mass surveillance on civilians was a violation of its standard terms of service.

Mr Smith said the decision, which was prompted by an investigation published by The Guardian, would not affect other work the company does with Israel.

Microsoft’s work with the Israeli government has been a controversial issue, including within the company, prompting protests by employees.

“I know many of you care about this topic,” Mr Smith wrote in a message to staff that was published by the company on Thursday.

He emphasised that the review was ongoing: “I’ll share more information in the coming days and weeks, when it’s appropriate to do so.”

Last month’s investigation by the Guardian, which collaborated with Israeli-Palestinian publication +972 Magazine and Hebrew-language outlet Local Call, found that a unit of the Israeli defence ministry used the expansive storage capacity of Microsoft’s cloud service, Azure, to create a giant trove of calls made by ordinary Palestinians that it had intercepted.

The ability to collect, play back and analyse communications with such breadth helped to shape military operations in Gaza and the West Bank, according to their investigation.

Microsoft, which has responded to protests from staff over its work for Israel by firing some employees, said it launched its own review in response to the article.

The company said it did not access the content of its customers as part of that review but found other evidence to support elements of the article, including consumption of storage capacity in the Netherlands and use of AI services.

It subsequently informed the Israeli Ministry of Defence that it would “cease and disable” certain “subscriptions and their services, including their use of specific cloud storage and AI services and technologies”, according to Mr Smith.

“We have reviewed this decision with IMOD and the steps we are taking to ensure compliance with our terms of service, focused on ensuring our services are not used for mass surveillance of civilians,” Mr Smith wrote, saying the firm’s review had been guided by its commitment to privacy.

The Guardian reported that the unit in question planned to transfer its data to a cloud platform sold by Amazon. Amazon did not respond to a request for comment.

Earlier this year, a United Nations expert called on dozens of multinational companies to stop doing business with Israel, warning them they risked being complicit in war crimes in Gaza and the occupied West Bank.

Microsoft was among those named in the report from Francesca Albanese, which was presented to the UN human rights council.

It also named firms such as Amazon and Alphabet, which like Microsoft have faced internal pressure on the issue from some staff.

TikTok’s algorithm – the technology that determines what users see in their feed – will be copied and retrained using US user data as part of a deal to secure the app’s future in the country.

A White House official said on Monday that TikTok’s recommendation system will be audited by tech giant Oracle, and operated by a new joint venture involving US investors in order to meet requirements for the app’s sale.

It comes after President Donald Trump said a deal to prevent the app’s ban in the US, unless sold by its Chinese parent company ByteDance, had been reached with China’s approval.

The BBC has approached ByteDance and TikTok for comment.

White House officials claim the deal will be a win for the app’s US users and citizens.

President Trump is expected to sign an executive order later this week on the proposed deal, which will set out how it will comply with US national security demands.

The order will also outline a 120-day pause to the enforcement deadline to allow the deal to close.

It is unclear whether the Chinese government has approved this agreement, or begun to take regulatory steps required to deliver it.

However, the White House appears confident it has secured China’s approval.

Data belonging to the 170m users TikTok says it has in the US is already held on Oracle servers, under an existing arrangement called Project Texas.

It saw US user data siphoned off due to concerns it could fall into the hands of the Chinese government.

A senior White House official said that under President Trump’s deal, the company would take on a comprehensive role in securing the entirety of the app for American users.

They said this would include auditing and inspecting the source code and recommendation system underpinning the app, and rebuilding it for US users using only US user data.

Oracle, which provides cloud computing infrastructure for a growing number of companies including ChatGPT-maker OpenAI, has been long rumoured to play a role in President Trump’s deal.

It recently reported a surge in demand among AI companies for its data centres, which helped push its stock dramatically higher and briefly made its co-founder and chairman Larry Ellison the world’s richest person.

Earlier this year, President Trump said he would like to see Mr Ellison buy TikTok.

Private equity firm Silver Lake, which has investments in companies including Manchester City football club owners City Football Group, was revealed to also be involved in the deal.

White House officials said the new joint venture controlling the app would be seeking patriotic investors and board members experienced in cybersecurity to oversee its operations.

They believe the value of the deal would likely amount to billions of dollars.

But Jasmine Enberg, principal social media analyst at eMarketer, said that changes to the way TikTok works for US users could risk putting them off the app or potentially lower its value for creators, brands and investors.

“Material (or even perceived) changes to the content, algorithm or app policies could prompt massive shifts in user behaviour,” she told BBC News.

“While the details of the deal still aren’t clear, if a US-only algorithm cuts US TikTok users off from content in the rest of the world, that could degrade the user experience.”

US President Donald Trump has said he and Chinese Premier Xi Jinping approved a deal on the future of TikTok’s US operations during a phone call on Friday, although there was no confirmation from Beijing.

Trump wrote on Truth Social the call was “productive” and he “appreciated” Xi’s approval of deal, which would reportedly see TikTok’s US business sold to a group of US investors.

China’s official state news agency Xinjua left the outcome of their discussion less clear, with Xi quoted as saying that Beijing “welcomes negotiations over TikTok”.

TikTok, which is run by Chinese firm Bytedance, was previously told it had to sell its US operations or risk being shut down.

Trump, however, delayed implementing the ban four times since it was first announced in January, and earlier this week extended the deadline again to December.

In his post, Trump wrote the two had “made progress” on trade issues and would meet at the Asia-Pacific Economic Cooperation (Apec) summit, scheduled to begin at the end of October in South Korea, and said he would travel to China.

“I also agreed with President Xi that we would meet at the Apec Summit in South Korea, that I would go to China in the early part of next year,” Trump said, adding that Xi would travel to the US at “an appropriate time”.

Trump told reporters on Friday afternoon that a deal still had to be signed, and signalled there could be a formal process to do so soon.

“We look forward to getting that deal closed,” he said, adding that the US would have “very tight control” of the app.

That deal will reportedly see a group of US firms – said to include Oracle, which was co-founded by Trump ally Larry Ellison – that would enable TikTok to continue operating in the US, using algorithm technology licensed from ByteDance.

A sticking point in negotiations appears to be who will own the powerful algorithm that pushes content to TikTok’s 170 million American users.

Speaking alongside British Prime Minister Sir Keir Starmer in the UK on Thursday, Trump sidestepped a question from a reporter about whether an American buyer would need to build a new algorithm, or if they could continue to use the current algorithm.

Trump added he believes TikTok has “tremendous value” to the US.

“The people that are investing it are among the greatest investors in the world,” he said. “And they’ll do a great job – and we’re doing it in conjunction with China.”

Xinhua reported that China’s position on TikTok is “very clear” and that it welcomed firms to “conduct commercial negotiations based on market rules and reach solutions that comply with Chinese laws and regulations and a balance of interests”.

“We hope that the US will provide an open, fair and non-discriminatory business environment for Chinese companies to invest in the United States,” it added.

A statement by ByteDance on Friday cast further doubt on the status of a deal.

“ByteDance will work in accordance with applicable laws to ensure TikTok remains available to American users through TikTok US,” a ByteDance spokesperson said.

The spokesperson thanked both presidents for “their efforts to preserve TikTok in the United States”.

Many US lawmakers – including some from within Trump’s own party – have expressed unease with the prospect of a deal, citing ongoing concerns about ByteDance’s links with the Chinese Communist Party, or CCP.

“I am concerned the reported licensing deal may involve ongoing reliance by the new TikTok on a ByteDance algorithm that could allow continued CCP control or influence,” Michigan Republican representative John Moolenar, chair of the House Select Committee on the Chinese Communist Party, said in a statement.

While Trump initially called for TikTok to be banned during his first term, he has changed course, and on Thursday said he viewed the platform as a key part of his 2024 electoral campaign.

In January, the US Supreme Court upheld a law first passed in early 2024, banning the app unless ByteDance divested from its US operations. The app went “dark” only briefly at the time, before the ban was delayed.

The US Department of Justice previously expressed concerns that TikTok’s access to the data of US users posed a national security threat of “immense depth and scale”.

The call between Xi and Trump is the second so far this year.

In June, the two leaders spoke to discuss China’s export of rare earth minerals, resulting in China agreeing to approve a “certain number” of export permits to US companies, as well as the magnets made from them.

Chinese and US officials have held four rounds of talks in recent months, and so far held off on implementing extremely high tariffs and strict export controls.

The US has already imposed 20% tariffs on some Chinese goods it says are linked to fentanyl trafficking.

Other thorny issues – including tech export restrictions and Chinese purchases of US agricultural products – so far remain unresolved.

Two teenagers have been charged in connection with a massive cyber attack which caused Transport for London (TfL) months of disruption.

The National Crime Agency (NCA) says it believes the hack – which began on 31 August last year – was carried out by members of the cyber-criminal group, Scattered Spider.

Thalha Jubair, 19, from east London, and Owen Flowers, 18, from Walsall in the West Midlands, were arrested at their home addresses on Tuesday by the NCA and City of London Police.

Both appeared at Westminster Magistrates Court on Thursday afternoon charged with conspiring together to commit unauthorised acts against TfL, under the Computer Misuse Act.

They have been remanded in custody to appear at Southwark Crown Court at a later date.

TfL says the hack caused it £39m of damage and disruption.

The hack disrupted TfL services for three months.

Whilst trains, buses and other transport was unaffected, many TfL online services and connected information boards went offline as part of the attack.

TfL wrote to around 5,000 customers to say there may have been unauthorised access to their personal information such as bank account numbers and sort codes.

Data including names, emails and home addresses were accessed.

Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Today’s charges are a key step in what has been a lengthy and complex investigation.

“This attack caused significant disruption and millions in losses to TfL, part of the UK’s critical national infrastructure.”

The court heard that the TfL hack occurred while Mr Flowers was on bail.

After he was arrested, detectives found evidence he had also targeted US healthcare companies.

Mr Flowers has been charged with conspiring, with others, to infiltrate and damage the networks of SSM Health Care Corporation and attempting to do the same to Sutter Health.

When Mr Flowers appeared in court, he wore a grey hoodie with “off the grid” written on it. Mr Jubair sat next to him, wearing a black hoodie and black glasses.

Neither man spoke to each other during the proceedings.

TfL’s 25,000 staff were forced to report into offices around the capital to have their identities verified as part of the large and lengthy recovery operation.

In a statement on Thursday afternoon, it said: “We welcome this announcement by the National Crime Agency that two people have now been charged in relation to the cyber incident which impacted our operations last year.”

Earlier this year, the NCA warned of an increasing threat from cyber criminal gangs based in the UK and other English-speaking countries, such as Scattered Spider.

Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack.

The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world.

Kering, the parent company of the luxury brands, has confirmed the breach and says it disclosed the incident to the relevant data protection authorities.

It said no financial information, such as card details, were stolen.

The firm also says it has emailed customers affected but has not said how many, or made any public statements about the hack.

Legally, the company is not obligated to make any public statements about the breach as long as it has notified all individuals affected through other means.

The cyber criminal behind the attack calls themselves Shiny Hunters.

They claim to have data linked to 7.4m unique email addresses which suggests the total number of individual victims could be similar.

A small sample shared with the BBC as proof contained thousands of customer details which appear to be genuine. Once analysed the files were deleted.

One of the details in the stolen data is “Total Sales” which shows how much money a person has spent with each brand.

Some customers are shown to have spent more than $10,000 with a handful spending $30,000-$86,000 in stores in the small sample analysed by the BBC.

This information is particularly concerning for victims as it could lead to high spenders being targeted by secondary hacks and scams if the hacker decides to leak the information to other criminals.

Shiny Hunters appears to be acting alone and told the BBC over Telegram chat that they breached the luxury brands in April through Kering.

The hacker contacted the French company in early June and claims to have been in on-off negotiations with them over a ransom to be paid in Bitcoin. This is denied by the company which says it has not engaged in any conversations with the criminal.

The company says it has refused to pay the hacker in accordance with long-standing law enforcement advice.

“In June, we identified that an unauthorized third party gained temporary access to our systems and accessed limited customer data from some of our Houses. No financial information – such as bank account numbers, credit card information, or government-issued identification numbers – was involved in the incident,” a Kering spokesperson said adding it has since secured its IT systems.

The data breach which happened in April came at the time of a wave of attacks on luxury brands including Cartier and Louis Vuitton also disclosed breaches to customers and the public.

It’s not known if those attacks are linked to Shiny Hunters.

In June, cyber security experts at Google issued a warning about a trend of attacks linked to Shiny Hunters that the tech giant also subsequently fell victim to.

The hacker or hackers are known by Google as UNC6040 which have been stealing data through tricking employees into handing over their log in details for internal company Salesforce software.

Stolen information in cyber-attacks may include your name, address, date of birth and online order history.

Scammers may use these to try and look genuine and contact you pretending to be another organisation, including a bank or government.

So it’s important to stay vigilant if you receive suspicious emails, messages or phone calls.

Be aware that scammers often try and press you to do something urgently.

If you do get a call from your bank and are unsure if it’s genuine, hang up and call the number on your card or the bank’s website.

The National Cyber Security Centre says you should change your password, and use two-factor authentication if possible.

Passwords made up of three random words are harder to crack, and do not reuse password across multiple accounts.