SEOUL – Pro-Russia hacking groups have conducted cyberattacks against South Korea after North Korea dispatched troops to Russia to support its war against Ukraine, Seoul’s presidential office said on Friday.

The office held an emergency intra-agency meeting after detecting denial-of-service attacks on some government and private websites in recent days.

Some of the websites experienced temporary outages but there was no serious damage, it said, adding that the government will strengthen its ability to respond to such attacks.

“Cyber ​​attacks by pro-Russian hacktivist groups on our country have occurred intermittently in the past, but have become more frequent since North Korea dispatched troops to Russia and participated in the Ukraine war,” the office said in a statement.

Seoul and Washington have said there are more than 10,000 North Korean soldiers in Russia, and U.S. officials and Ukraine’s defence minister said some of them have engaged in combat in Kursk, near the Ukraine border.

The new military cooperation between Pyongyang and Moscow has been condemned by South Korea, the United States and Western allies. Ukrainian President Volodymyr Zelenskiy said on Tuesday that the first battles between his country’s military and North Korean troops “open a new page in instability in the world.” REUTERS

WASHINGTON – The woman who dubbed herself the “Crocodile of Wall Street” and “Razzlekhan” in rap videos was ordered to serve 18 months behind bars for helping her hacker husband launder cryptocurrency he stole from the Bitfinex exchange.

Heather Morgan, 34, was sentenced on Nov 18 in Washington federal court. Last week, her husband, Ilya Lichtenstein, got five years in prison for his role in the scheme, which stemmed from his 2016 hack of the exchange and the theft of Bitcoin currently worth billions of dollars. Both pleaded guilty last year.

Morgan wasn’t involved in the hack, and her husband said he recruited her to help hide the loot he’d stolen. They could have faced more prison time, but he agreed to aid the United States in other crypto prosecutions and she persuaded him to cooperate with the authorities.

The Verge, which called her “crypto’s most embarrassing rapper”, said she made crypto-themed rap videos under the name Razzlekhan. The whole story is expected to be immortalized in a Netflix documentary series and a film called Dutch & Razzlekhan, the tech news website said.

According to prosecutors, Morgan and Lichtenstein engaged in complex money-laundering techniques, including creating accounts under fictitious identities, moving the stolen proceeds in small amounts, and breaking up the trail of transactions by depositing and withdrawing funds from crypto exchanges and darknet markets. They purchased nonfungible tokens, gold and Walmart gift cards, court records show. 

At the time of the hack, the stolen Bitcoin was worth about US$71 million (S$95 million). Now it’s valued in the billions of dollars as the price of Bitcoin has surged from US$580 to more than US$90,000. The couple laundered 21 per cent of what was stolen in the Bitfinex hack, according to the government. BLOOMBERG

An Iranian hacking group is actively scouting U.S. election-related websites and American media outlets as election day nears, according to a new Microsoft blog published on Wednesday. Researchers say the activity suggests “preparations for more direct influence operations.”

The hackers – dubbed Cotton Sandstorm by Microsoft and linked to Iran’s Islamic Revolutionary Guard Corps – performed reconnaissance and limited probing of multiple “election-related websites” in several unnamed swing states, the report notes. In May, they also scanned an unidentified U.S. news outlet to understand its vulnerabilities.

“Cotton Sandstorm will increase its activity as the election nears given the group’s operational tempo and history of election interference,” researchers wrote. The development is particularly concerning because of the group’s past efforts.

Iran’s mission to the United Nations did not immediately respond to a request for comment. In recent past comments, they denied any involvement in 2024 election-related hacking activity.

In 2020, Cotton Sandstorm launched a different cyber-enabled influence operation shortly before the last presidential election. Posing as the right-wing “Proud Boys,” the hackers sent thousands of emails to Florida residents, threatening them to “vote for Trump or else!”.

The group also released a video on social media, purporting to come from hacktivists, where they showed them probing an election system. While that operation never affected individual voting systems, the goal was to cause chaos, confusion and doubt, senior U.S. officials said at the time.

Following the 2020 election, Cotton Sandstorm also ran a separate operation that encouraged violence against U.S. election officials who had denied claims of widespread voter fraud, Microsoft said.

The Office of the Director of National Intelligence, which is coordinating the federal effort to defend the election from foreign influence, did not immediately respond to a request for comment. REUTERS

LONDON – Britain’s media regulator Ofcom said on Oct 17 that it would detail what action it expected social media companies to take over illegal content on their platforms in December, saying it expected swift action or they would face consequences.

Ofcom, which is responsible for implementing the government’s Online Safety Bill, said the platforms would have three months to complete their own illegal harms risk assessments after the publication of its demands.

“The time for talk is over,” Ofcom’s Chief Executive Melanie Dawes said on Oct 17. “From December, tech firms will be legally required to start taking action, meaning 2025 will be a pivotal year in creating a safer life online.”

She said the regulator had already seen positive changes, but expectations were going to be high.

“We’ll be coming down hard on those who fall short,” she said.

Ofcom said better protections had already been introduced by Meta, the owner of Instagram and Facebook, and Snapchat which have brought in changes to help prevent children being contacted by strangers.

Britain’s new online safety regime, which became law last year, requires social media companies to tackle the causes of harm, particularly for children, by making their services safer.

If companies do not comply with the new law, they could face significant fines and, in the most serious cases, their services could be blocked in Britain. REUTERS

SEOUL – South Korea has fined Facebook-parent Meta more than 21.6 billion won (S$20.6 million) for illegally collecting sensitive user information from nearly a million people without consent and sharing it with advertisers, the country’s data watchdog said Nov 5.

The firm, which also owns Instagram, ran afoul of laws prohibiting the use of information on political opinions, religious beliefs and people’s sex life unless the individual provides explicit consent, Seoul’s Personal Information Protection Commission added.

It added that the tech giant collected sensitive information from around 980,000 domestic users in South Korea through their Facebook profiles.

This included details about their religious beliefs and whether they are in a same-sex relationship.

The watchdog said it had confirmed that such information was provided to advertisers by Meta, with around 4,000 advertisers using it.

Meta “analysed user behaviour data, including pages liked and ads clicked on Facebook”, to create and implement targeted advertising related to “sensitive themes” such as transgender issues, homosexuality and North Korean defectors, officials said.

The commission said on Nov 5 it had decided to fine Meta 21.6 billion won.

It added that it “also ordered the company to establish legal grounds for processing sensitive information, implement safety measures, and respond diligently to users’ requests for access to their personal data”.

The decision is “significant in that they ensure that foreign operators providing global services must comply with the obligations set forth in (South Korea’s) Protection Act regarding the processing of sensitive information”. AFP