The Crown Prosecution Service (CPS) confirmed that 42 Bitcoin and other digital assets tied to Joseph James O’Connor will now be recovered under a Civil Recovery Order.

O’Connor, 26, had admitted to gaining access to dozens of high-profile Twitter accounts in July 2020, using them to push fake Bitcoin investment messages that deceived victims across multiple countries. 

The attack struck 130 accounts, including those of Barack Obama, Joe Biden, Elon Musk, Bill Gates, Apple and Uber. With internal tools compromised, he bypassed security checks and password protections, turning some of the world’s most visible accounts into vehicles for fraud.

The CPS said the recovered assets show the current market value of the cryptocurrency O’Connor obtained through these schemes. British authorities worked with counterparts in the United States and Spain, where the Twitter hacker was arrested in 2021, to ensure the funds could not be hidden or moved before the order took effect.

Adrian Foster, chief crown prosecutor for the CPS Proceeds of Crime Division, said the case shows that British enforcement can still reach offenders convicted abroad. “Joseph James O’Connor targeted well-known individuals and used their accounts to scam people out of their crypto assets and money,” he said. 

“We were able to use the full force of our powers to ensure that even when someone is not convicted in the UK, we can still prevent them from benefiting from their criminality.”

O’Connor, widely known online as “PlugwalkJoe”, was later sentenced to five years in a U.S. court after pleading guilty to computer intrusion, wire fraud, extortion and charges linked to SIM-swapping attacks that stole cryptocurrency and personal data from additional victims.

The July 2020 breach exposed serious vulnerabilities in Twitter’s internal systems. Investigators found that unauthorised access to admin tools allowed hackers to reset passwords and override two-factor authentication. 

The fallout pushed Twitter, now X, to overhaul its internal security, tighten staff privileges, introduce multi-layered authentication for internal systems and expand training to minimise insider risks. 

The incident also led to discussions on the fragility of social-media infrastructure and the dangers of centralised access systems.

The order against O’Connor ranks among the largest crypto seizures tied to cybercrime in UK legal history. For British prosecutors, it stresses the current use of civil recovery powers to block criminals from profiting even when their convictions occur overseas.

International agencies involved in the case said the outcome reveals the scale of coordination now required to pursue cross-border cybercrime, especially offences involving cryptocurrency, fast-moving digital markets and globally used platforms.

The post British Hacker Ordered to Surrender £4.1m in Bitcoin Linked to 2020 Twitter Breach appeared first on Tech | Business | Economy.

A recent report from cybersecurity firm Kaspersky reveals that scammers are using Google’s legitimate form submission system to create highly deceptive emails that appear to confirm receipt of a crypto transaction. 

But these messages are elaborate bait to trick victims into sending money under false pretences.

The scam starts with a simple form submission. The attacker enters the target’s email address into a pre-filled Google Form. This triggers an automated confirmation email from Google, containing the platform’s official logo and formatting, enough to convince many recipients it’s genuine. 

But the message is entirely fabricated, part of a scheme to coax users into believing they’ve received a large cryptocurrency transfer.

What happens next is where the trap is set. The email includes a message prompting the recipient to “claim” the crypto transfer before the offer expires. Clicking the embedded link redirects users to a fake website that impersonates a blockchain support page. There, they are told to pay a “commission” in cryptocurrency to unlock the so-called funds.

There are no funds. Once the fee is paid, the scammers disappear.

According to Kaspersky’s Email Threats Protection Group Manager, Andrey Kovtun, “This campaign demonstrates a cunning exploitation of a trusted and widely used platform to deliver scam attacks on cryptocurrency users.” 

He added, “By crafting fraudulent submission confirmation emails that mimic legitimate notifications from crypto exchanges, attackers used the platform’s credibility to bypass email filters and lure victims into divulging sensitive wallet credentials.”

It’s a disturbingly effective tactic. The use of Google Forms, a tool most people associate with harmless surveys and registration sheets, gives the scam a veneer of legitimacy. 

Most spam filters don’t catch the emails because they come directly from Google’s servers and include authentic links like forms.gle, which email systems recognise as trustworthy.

And it’s not just the delivery method that’s clever, the language used in these emails is designed to create urgency. Victims are told the transaction will “expire,” pushing them to act quickly without thinking critically. It’s a psychological tactic commonly used in phishing, but now reinforced with the trust many have in Google.

Reports indicate that this form-based scam has surged by over 60% since last year, and with the rising adoption of digital currencies globally, the trend shows no sign of slowing.

For users, the advice is not to click on unexpected links, no matter how authentic the source looks. Never send crypto payments or personal details in response to unsolicited messages. And most importantly, confirm any financial communication via official platforms or apps, not through email links.

In addition to basic digital hygiene, users are urged to educate family and friends, especially those new to crypto, about emerging scams. Setting up email filters to catch keywords such as “Create your own Google Form” might help, but it’s not foolproof, especially since legitimate services also use the same infrastructure.

The post Crypto Scammers Now Exploiting Google Forms to Bypass Email Filters, Defraud Users appeared first on Tech | Business | Economy.

Speaking during an interview with TVC, EFCC Chairman Ola Olukoyede confirmed that the agency is deep into its probe of the scheme. “We have gone far with CBEX. We have been able to recover a reasonable amount of money,” he stated.

CBEX had lured Nigerians with promises of 100% returns in 30 days, using seminars and well-packaged presentations, including appearances by individuals posing as capital market professionals. 

Behind the scenes, however, foreign operatives were orchestrating a large-scale fraud with the support of local recruits. Many investors watched their account balances vanish after withdrawal restrictions began on 9 April 2025.

Olukoyede revealed that the EFCC has been tracking the flow of funds through complex layers of cryptocurrency wallets. “Even though in the crypto wallet, the same way the money was taken from them, there is no way you will get them in dollars. There is no way you get the dollars in cash without necessarily going through the same process,” he explained.

The fraudsters used non-custodial wallets, unregistered and anonymous, making it difficult to trace the end beneficiaries. “We are still investigating a lot of wallets and the wallets they created are called noncustodian wallets; in other words, no KYC. So, you can’t trace it to anybody,” he said. 

These funds were moved through Europe, with Eastern Europe and Cambodia identified as key destinations. “From the noncustodial wallet, they moved it to some wallets in Europe, Eastern Europe, particularly Cambodia and from there, they dispersed the money. We have been able to block some of these wallets where money has not been dispersed.”

The agency says it has arrested some suspects but is still searching for others who fled. “We are not going to give out too much because we don’t want the process to be truncated,” Olukoyede said. “We are still after quite a number of people that we have declared wanted.”

The scheme’s deceptive structure, the chairman noted, involved foreigners partnering with Nigerians to register clients, organise awareness campaigns, and hold investment seminars. 

“They registered the clients and they used them to create awareness. In fact, they have seminars. We have the tape of their seminars and their conferences. They bring in professionals, people who are specialists in capital markets. Yes, there was the case that they brought a PhD holder, a specialist in capital markets.”

Thousands of Nigerians, believing the platform was credible, invested their savings, only for it to collapse. Many were told to deposit additional funds in order to reactivate their frozen accounts. Victims reported being asked to pay at least $100, or $200 if their balance exceeded $1,000.

However, even after the collapse, CBEX reportedly resumed operations under the radar, reactivating new user registration and offering withdrawals. This was seen by many as a tactic to deflect investigations from legal authorities and attract fresh victims.

The EFCC has warned that the public must stay vigilant. “I even learnt that there are still some of these perpetrators and Nigerians are still falling victim. I believe people should learn from this,” Olukoyede warned.

Investigations continue as the Commission digs deeper into CBEX’s network and monitors blocked wallets for any movement of funds. For now, the fight to reclaim stolen money and hold those responsible to account is still ongoing.

The post CBEX: EFCC Recovers Funds as Trail Leads to Europe, Cambodia appeared first on Tech | Business | Economy.

The incident dates back to mid-2021 when the victim began interacting with an individual identified as “Moshe Theodor McNigh” on Facebook.

The suspect allegedly gained the victim’s confidence and persuaded them to invest in cryptocurrency via a platform called Legacyfxtraders.online.

By the end of 2021, Nigerian authorities confirmed the scam, launching an investigation into the matter.

The recovery process involved multiple agencies, including Toronto Police’s Coordinated Cyber Centre (C3), the 51 Division Fraud Unit, and the Financial Crimes Asset Forfeiture Unit. 

These teams worked closely with the Ontario Provincial Police Anti-Rackets Branch, the Canadian Anti-Fraud Centre (CAFC), the Royal Canadian Mounted Police (RCMP), and Nigerian law enforcement.

In 2024, the EFCC arrested a Nigerian national, Omonkhoa Precious Afure, who was implicated in the fraud. The Nigerian courts subsequently declared the seized proceeds as assets belonging to the victim and ordered their return.

Romance and investment scams are increasing worldwide. According to the CAFC, victims in Canada reported losses exceeding $52.5 million to romance scams and $309 million to investment fraud in 2023 alone. However, authorities estimate that only a fraction of these crimes are reported.

Tools for Reporting Fraud

To tackle such schemes, authorities encourage victims to report incidents promptly. In Nigeria, individuals can use the EFCC’s Eagle Eye reporting application, which enables global reporting of cyber-enabled fraud. In Canada, victims can contact the CAFC or local police for assistance.

For those who suspect fraudulent activity, immediate reporting is important to enhance the effectiveness of investigations and hold perpetrators accountable.

The post EFCC, Toronto Police Recover $225,000 in $355,000 Cryptocurrency Fraud Case appeared first on Tech | Business | Economy.

Sophos, a global leader in innovating and delivering cybersecurity as a service, has announced that it has uncovered how research contests run by cybercrime forums are helping to inspire new methods of attack and detection evasion.

The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also potential jobs. As outlined in Sophos X-Ops latest report, “For the Win? Offensive Research Contests on Criminal Forums,” these contests are designed to drive innovation, and when analyzed, the entries provide invaluable insight into how cybercriminals attempt to overcome security obstacles.

Despite the long-standing nature of competitions on criminal forums, they have evolved over the years. Early cybercrime contests involved trivia quizzes, graphic design competitions and guessing games.

Now criminal forums are inviting attackers to ‘submit’ articles on technical topics, complete with source code, videos, and/or screenshots. Once submitted, all forum users are invited to vote for the contest winner. However, the judging is not completely transparent as the forum owners and contest sponsors have their own votes in the matter.

“The fact that cybercriminals are running, participating, and even sponsoring these contests, suggests that there is a community goal to advance their tactics and techniques. There is even evidence to suggest that these competitions act as a tool for recruitment amongst prominent threat actor groups,”

said Christopher Budd, director of threat research, Sophos.

“While our research shows an increased focus on Web-3 related topics such as cryptocurrency, smart contracts and NFTs, many of the winning entries had a broader appeal and could be put to practical use, even if they weren’t particularly novel. This may be reflective of the priorities of the community but could indicate that attackers keep their best research to themselves as they can profit more from using them in real-world attacks.”

Sophos X-Ops explored two prominent annual contests: one run by the Russian-language cybercrime forum Exploit, offering a total prize fund of $80,000 to the winner of its contest in 2021, and another run on the XSS forum, with a prize pool of $40,000 in 2022. For several years, prominent members of the cybercriminal community have sponsored these events, including All World Cards and Lockbit.

In the most recent contests, Exploit themed its competition around cryptocurrencies, while XSS opened its contest up to a range of topics from social engineering and attack vectors to evasion and scam proposals. Many of the winning entries focused on abusing legitimate tools such as Cobalt Strike. One runner-up shared a tutorial on targeting initial coin offerings (ICOs) to raise funds for a new cryptocurrency and another on manipulating privilege tokens to disable Windows Defender.  

[]Feature Image Credit]

The post Sophos Research Reveals Adversary-Sponsored Research Contests on Cybercriminal Forums, Methods appeared first on Tech | Business | Economy.