The FBI created a cryptocurrency as part of an investigation into price manipulation in crypto markets, the government revealed on Wednesday. From a report: The FBI's Ethereum-based token, NexFundAI, was created with the help of "cooperating witnesses." As a result of the investigation, the Securities and Exchange Commission charged three "market makers" and nine people for allegedly engaging in schemes to boost the prices of certain crypto assets. The Department of Justice charged 18 people and entities for "widespread fraud and manipulation" in crypto markets.

The defendants allegedly made false claims about their tokens and executed so-called "wash trades" to create the impression of an active trading market, prosecutors claim. The three market makers -- ZMQuant, CLS Global, and MyTrade -- allegedly wash traded or conspired to wash trade on behalf of NexFundAI, an Ethereum-based token they didn't realize was created by the FBI.

"What the FBI uncovered in this case is essentially a new twist to old-school financial crime," Jodi Cohen, the special agent in charge of the FBI's Boston division, said in a statement. "What we uncovered has resulted in charges against the leadership of four cryptocurrency companies, and four crypto 'market makers' and their employees who are accused of spearheading a sophisticated trading scheme that allegedly bilked honest investors out of millions of dollars."

Porch pirates across the country for months have been snatching FedEx packages that contain AT&T iPhones -- within minutes or even seconds of delivery. From a report: The key to these swift crimes, investigators say: The thieves are armed with tracking numbers. Another factor that makes packages from AT&T particularly vulnerable is that AT&T typically doesn't require signature on delivery. Doorbell camera videos show the thefts in New York, Pennsylvania, Delaware, Virginia, Michigan, Georgia, Florida and Texas. The details are similar: A FedEx driver drops off a box with an iPhone from AT&T. Then a person walks up -- sometimes wearing an Amazon delivery vest -- and plucks the package off the front step. The heist can be so quick that in some videos, the FedEx driver and thief cross paths.

"They know what's getting delivered and the location," said Detective Lt. Matt Arsenault from the Gardner Police Department in Massachusetts, which is investigating several recent thefts. "They meet the delivery driver at the front door and take it." Since the pandemic, parcel carriers have reported a rise in porch thefts as workers have returned to offices and fewer people are home during the day to receive packages. Now, a spate of thefts that began a few months ago is targeting FedEx deliveries for AT&T. The two companies said they were working with law enforcement to investigate, and declined to disclose how many such packages have been stolen.

An anonymous reader shared this report from the Washington Post: Hundreds of Americans have been arrested after being connected to a crime by facial recognition software, a Washington Post investigation has found, but many never know it because police seldom disclose their use of the controversial technology...

In fact, the records show that officers often obscured their reliance on the software in public-facing reports, saying that they identified suspects "through investigative means" or that a human source such as a witness or police officer made the initial identification... The Coral Springs Police Department in South Florida instructs officers not to reveal the use of facial recognition in written reports, according to operations deputy chief Ryan Gallagher. He said investigative techniques are exempt from Florida's public disclosure laws... The department would disclose the source of the investigative lead if it were asked in a criminal proceeding, Gallagher added....

Prosecutors are required to inform defendants about any information that would help prove their innocence, reduce their sentence or hurt the credibility of a witness testifying against them. When prosecutors fail to disclose such information — known as a "Brady violation" after the 1963 Supreme Court ruling that mandates it — the court can declare a mistrial, overturn a conviction or even sanction the prosecutor. No federal laws regulate facial recognition and courts do not agree whether AI identifications are subject to Brady rules. Some states and cities have begun mandating greater transparency around the technology, but even in these locations, the technology is either not being used that often or it's not being disclosed, according to interviews and public records requests...

Over the past four years, the Miami Police Department ran 2,500 facial recognition searches in investigations that led to at least 186 arrests and more than 50 convictions. Among the arrestees, just 1 in 16 were told about the technology's use — less than 7 percent — according to a review by The Post of public reports and interviews with some arrestees and their lawyers. The police department said that in some of those cases the technology was used for purposes other than identification, such as finding a suspect's social media feeds, but did not indicate in how many of the cases that happened. Carlos J. Martinez, the county's chief public defender, said he had no idea how many of his Miami clients were identified with facial recognition until The Post presented him with a list. "One of the basic tenets of our justice system is due process, is knowing what evidence there is against you and being able to challenge the evidence that's against you," Martinez said. "When that's kept from you, that is an all-powerful government that can trample all over us."

After reviewing The Post's findings, Miami police and local prosecutors announced plans to revise their policies to require clearer disclosure in every case involving facial recognition.
The article points out that Miami's Assistant Police Chief actually told a congressional panel on law enforcement AI use that his department is "the first to be completely transparent about" the use of facial recognition. (When confronted with the Washington Post's findings, he "acknowledged that officers may not have always informed local prosecutors [and] said the department would give prosecutors all information on the use of facial recognition, in past and future cases".

He told the Post that the department would "begin training officers to always disclose the use of facial recognition in incident reports." But he also said they would "leave it up to prosecutors to decide what to disclose to defendants."

"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."

That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."

Forbes reports: Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.

When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.
"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult." [A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...

The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.
The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."

"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."

This week the U.S. Attorney's Office for the Southern District of New York unsealed charges over a "scheme to commit fraud" in carbon markets, which they say fraudulently netted one company "tens of millions of dollars" worth of credits — which led to "securing an investment of over $100 million."

MarketWatch reports: Ken Newcombe had spent years building a program to distribute more environmentally friendly cookstoves for free to rural communities in Africa and Southeast Asia. The benefit for his company, C-Quest Capital, would be the carbon credits it would receive in exchange for reducing the amount of fuel people burned in order to cook food — credits the company could then sell for a profit to big oil companies like BP.

But when Newcombe tried to ramp up the program, federal prosecutors said in an indictment made public Wednesday, he quickly realized that the stoves wouldn't deliver the emissions savings he had promised investors. Rather than admit his mistake, he and his partners cooked the books instead, prosecutors said... That allowed them to obtain carbon credits worth tens of millions of dollars that they didn't deserve, prosecutors said. On the basis of the fraudulently gained credits, prosecutors said, C-Quest was able to secure $250 million in funding from an outside investor.

"The alleged actions of the defendants and their co-conspirators risked undermining the integrity of [the global market for carbon credits], which is an important part of the fight against climate change," said Damian Williams, the U.S. attorney for the Southern District of New York.
From announced by the U.S. Attorney's Office: U.S. Attorney Damian Williams said... "The alleged actions of the defendants and their co-conspirators risked undermining the integrity of that market, which is an important part of the fight against climate change. Protecting the sanctity and integrity of the financial markets continues to be a cornerstone initiative for this Office, and we will continue to be vigilant in rooting out fraud in the market for carbon credits...."

While most carbon credits are created through, and trade in compliance markets, there is also a voluntary carbon market. Voluntary markets revolve around companies and entities that voluntarily set goals to reduce or offset their carbon emissions, often to align with goals from employees or shareholders. In voluntary markets, the credits are issued by non-governmental organizations, using standards for measuring emission reductions that they develop based on input from market participants, rather than on mandates from governments. The non-governmental organizations issue voluntary carbon credits to project developers that run projects that reduce emissions or remove greenhouse gases from the atmosphere.

CQC was a for-profit company that ran projects to generate carbon credits — including a type of credit known as a voluntary carbon unit ("VCU") — by reducing emissions of greenhouse gases. CQC profited by selling VCUs it obtained, often to companies seeking to offset the impact of greenhouse gases they emit in the course of operating their businesses.
The company itself was not charged due to "voluntary and timely self-disclosure of misconduct," according to the announcement, along with "full and proactive cooperation, timely and appropriate remediation, and agreement to cancel or void certain voluntary carbon units.

The one-and-done nature of 23andMe is "indicative of a core business problem with the once high-flying biotech company that is now teetering on the brink of collapse," reports NPR. As 23andMe struggles for survival, many of its 15 million customers are left wondering what the company plans to do with all the data it has collected since it was founded in 2006. An anonymous reader shares an excerpt from the report: Andy Kill, a spokesperson for 23andMe, would not comment on what the company might do with its trove of genetic data beyond general pronouncements about its commitment to privacy. "For our customers, our focus continues to be on transparency and choice over how they want their data to be managed," he said. When signing up for the service, about 80% of 23andMe's customers have opted in to having their genetic data analyzed for medical research. "This rate has held steady for many years," Kill added. The company has an agreement with pharmaceutical giant GlaxoSmithKline, or GSK, that allows the drugmaker to tap the tech company's customer data to develop new treatments for disease. Anya Prince, a law professor at the University of Iowa's College of Law who focuses on genetic privacy, said those worried about their sensitive DNA information may not realize just how few federal protections exist. For instance, the Health Insurance Portability and Accountability Act, also known as HIPAA, does not apply to 23andMe since it is a company outside of the health care realm. "HIPAA does not protect data that's held by direct-to-consumer companies like 23andMe," she said.

Although DNA data has no federal safeguards, some states, like California and Florida, do give consumers rights over their genetic information. "If customers are really worried, they could ask for their samples to be withdrawn from these databases under those laws," said Prince. According to the company, all of its genetic data is anonymized, meaning there is no way for GSK, or any other third party, to connect the sample to a real person. That, however, could make it nearly impossible for a customer to renege on their decision to allow researchers to access their DNA data. "I couldn't go to GSK and say, 'Hey, my sample was given to you -- I want that taken out -- if it was anonymized, right? Because they're not going to re-identify it just to pull it out of the database," Prince said.

Vera Eidelman, a staff attorney with the American Civil Liberties Union who specializes in privacy and technology policy, said the patchwork of state laws governing DNA data makes the generic data of millions potentially vulnerable to being sold off, or even mined by law enforcement. "Having to rely on a private company's terms of service or bottom line to protect that kind of information is troubling -- particularly given the level of interest we've seen from government actors in accessing such information during criminal investigations," Eidelman said. She points to how investigators used a genealogy website to identify the man known as the Golden State Killer, and how police homed in on an Idaho murder suspect by turning to similar databases of genetic profiles. "This has happened without people's knowledge, much less their express consent," Eidelman said.

Neither case relied on 23andMe, and spokesperson Kill said the company does not allow law enforcement to search its database. The company has, however, received subpoenas to access its genetic information. According to 23andMe's transparency report, authorities have sought genetic data on 15 individuals since 2015, but the company has resisted the requests and never produced data for investigators. "We treat law enforcement inquiries, such as a valid subpoena or court order, with the utmost seriousness. We use all legal measures to resist any and all requests in order to protect our customers' privacy," Kill said. [...] In a September filing to financial regulators, [23andMe CEO Anne Wojcicki] wrote: "I remain committed to our customers' privacy and pledge," meaning the company's rules requiring consent for DNA to be used for research would remain in place, as well as allowing customers to delete their data. Wojcicki added that she is no longer considering offers to buy the company after previously saying she was.

Law enforcement from 12 countries arrested four individuals linked to the LockBit ransomware gang, including a developer and a bulletproof hosting administrator. The operation also resulted in the seizure of LockBit infrastructure and involved sanctions targeting affiliates of both LockBit and Evil Corp. BleepingComputer reports: According to Europol, a suspected LockBit ransomware developer was arrested in August 2024 at the request of French authorities while on holiday outside of Russia. The same month, the U.K.'s National Crime Agency (NCA) arrested two more individuals linked to LockBit activity: one believed to be associated with a LockBit affiliate, while the second was apprehended on suspicion of money laundering. In a separate action, at Madrid airport, Spain's Guardia Civil arrested the administrator of a bulletproof hosting service used to shield LockBit's infrastructure. Today, Australia, the United Kingdom, and the United States also revealed sanctions against an individual the UK NCA believes is a prolific LockBit ransomware affiliate linked to Evil Corp.

The United Kingdom sanctioned 15 more Russian nationals involved in Evil Corp's criminal activities, while the United States sanctioned six individuals and Australia targeted two. "These actions follow the massive disruption of LockBit infrastructure in February 2024, as well as the large series of sanctions and operational actions that took place against LockBit administrators in May and subsequent months," Europol said.

A Russian criminal gang secretly conducted cyberattacks and espionage operations against NATO allies on the orders of the Kremlin's intelligence services, according to the UK's National Crime Agency. From a report: Evil Corp., which includes a man who gained notoriety for driving a Lamborghini luxury sports car, launched the hacks prior to 2019, the NCA said in statement on Tuesday. The gang has been accused of using malicious software to extort millions of dollars from hundreds of banks and financial institutions in more than 40 countries. In December 2019, the US government sanctioned Evil and accused its alleged leader, Maksim Yakubets, of providing "direct assistance" to the Russian state, including by "acquiring confidential documents." The NCA's statement on Tuesday provides new detail on the work Yakubets and other members allegedly carried out to aid the Kremlin's geopolitical aims. The exact nature of the hacks against the North Atlantic Treaty Organization allies wasn't immediately clear.

Google has obtained (PDF) a default judgment against two men who abused its DMCA takedown system to falsely target 117,000 URLs of competitors' online stores. With none of the defendants showing up in court, a California federal court sided with the search engine. Through an injunction, the men are now prohibited from sending false takedown notices and creating new Google accounts. TorrentFreak reports: Last November, Google decided to take action against the rampant DMCA abuse. In a lawsuit filed at a federal court in California, it accused Nguyen Van Duc and Pham Van Thien of sending over 100,000 fraudulent takedown requests. Many of these notices were allegedly filed against third-party T-shirt shops. [...] Following the complaint, the defendants, who are believed to reside in Vietnam, were summoned via their Gmail accounts and SMS. However, the pair remained quiet and didn't respond in court. Without the defendants representing themselves, Google requested a default judgment. According to the tech giant, it's clear that the duo violated the DMCA with their false takedown notices. In addition, they committed contract breach under California law.

Google said that, absent a default judgment, the defendants would continue to harm consumers and third-party businesses. These actions, in turn, will damage Google's reputation as a search engine. In July, U.S. Magistrate Judge Sallie Kim recommended granting Google's motion for default judgment. The recommendation included an injunction that prevents the two men from abusing Google's services going forward. However, the District Judge had the final say. Last Friday, U.S. District Court Judge Edward Davila adopted the recommendations, issuing a default judgment in favor of Google. The order confirms that defendants Nguyen Van Duc and Pham Van Thien violated the DMCA with their false takedown notices. In addition, they committed contract breach under California law.

In typical copyrights-related verdicts, most attention is paid to the monetary damages, but not here. While Google could have requested millions of dollars in compensation, it didn't request a penny. Google's primary goal was to put an end to the abusive behavior, not to seek financial compensation. Therefore, the company asked for an injunction to prohibit the defendants from sending false takedowns going forward. This includes a ban on registering any new Google accounts. The request ticked all the boxes and, without a word from the defendants, Judge Davila granted the default judgment as well as the associated injunction.

An anonymous reader quotes a report from Reuters: South Korean lawmakers on Thursday passed a bill that criminalizes possessing or watching sexually explicit deepfake images and videos, with penalties set to include prison terms and fines. There has been an outcry in South Korea over Telegram group chats where sexually explicit and illegal deepfakes were created and widely shared, prompting calls for tougher punishment. Anyone purchasing, saving or watching such material could face up to three years in jail or be fined up to 30 million won ($22,600), according to the bill.

Currently, making sexually explicit deepfakes with the intention of distributing them is punishable by five years in prison or a fine of 50 million won under the Sexual Violence Prevention and Victims Protection Act. When the new law takes effect, the maximum sentence for such crimes will also increase to seven years regardless of the intention. The bill will now need the approval of President Yoon Suk Yeol in order to be enacted. South Korean police have so far handled more than 800 deepfake sex crime cases this year, the Yonhap news agency reported on Thursday. That compares with 156 for all of 2021, when data was first collated. Most victims and perpetrators are teenagers, police say.

German law enforcement seized 47 cryptocurrency exchange services "that facilitated illegal money laundering activities for cybercriminals," according to BleepingComputer, "including ransomware gangs."

Long-time Slashdot reader Arrogant-Bastard shares their report: The platforms allowed users to exchange cryptocurrencies without following applicable "Know Your Customer" regulations, meaning that users remained completely anonymous when making transactions. This created a low-risk environment for cybercriminals to launder their proceeds without fearing prosecution or being tracked. "Exchange services that enable such anonymous financial transactions and thus money laundering represent one of the most relevant building blocks in the criminal value chain of the cybercrime phenomenon," reads a Federal Criminal Police Office (BKA) announcement... When visiting any of the seized exchanges, you are now redirected to a warning page titled "Operation Final Exchange," which warns visitors that they have been deceived by the promises of anonymity by the operators of these platforms.
The new site notes years-long promises from the exchanges "that their hosting cannot be found, that they do not store any customer data and that all data is deleted immediately after the transaction...

"We have found their servers and seized them — development servers, production servers, backup servers. We have their data — and therefore we have your data. Transactions, registration data, IP addresses.

"Our search for traces begins. See you soon."

Software developers who ship buggy, insecure code are the true baddies in the cyber crime story, Jen Easterly, boss of the US government's Cybersecurity and Infrastructure Security Agency, has argued. From a report: "The truth is: Technology vendors are the characters who are building problems" into their products, which then "open the doors for villains to attack their victims," declared Easterly during a Wednesday keynote address at Mandiant's mWise conference. Easterly also implored the audience to stop "glamorizing" crime gangs with fancy poetic names. How about "Scrawny Nuisance" or "Evil Ferret," Easterly suggested.

Even calling security holes "software vulnerabilities" is too lenient, she added. This phrase "really diffuses responsibility. We should call them 'product defects,'" Easterly said. And instead of automatically blaming victims for failing to patch their products quickly enough, "why don't we ask: Why does software require so many urgent patches? The truth is: We need to demand more of technology vendors."

Wireless communication pagers, carried by thousands, exploded around the same time across Lebanon on Tuesday, injuring over 2,700 people and killing eight, in what security experts suspect was a sophisticated Israeli intelligence operation. New York Times: Hundreds of pagers blew up at the same time across Lebanon on Tuesday in an apparently coordinated attack that killed eight people and injured more than 2,700, health officials said on Tuesday. [...] Hezbollah said that pagers belonging to its members had exploded and accused Israel of being behind the attack. The Israeli military declined to comment.

[...] Three officials briefed on the attack said that it had targeted hundreds of pagers belonging to Hezbollah operatives who have used such devices for years to make it harder for their messages to be intercepted. The devices were programmed to beep for several seconds before exploding, according to the officials, who spoke on the condition of anonymity because of the sensitivity of the matter. Further reading: Reuters; CNN; NPR; Fox News; and WSJ.

Edward Snowden said, "If it were iPhones that were leaving the factory with explosives inside, the media would be a hell of a lot faster to cotton on to what a horrific precedent has been set today. Nothing can justify this. It's a crime. A crime. And everyone in the world is less safe for it."

Former MoviePass CEO Mitch Lowe pleaded guilty to securities fraud, admitting he misled investors about the viability of the company's $9.95-a-month movie subscription service, and faces up to five years in prison. His co-defendant, former Helios and Matheson CEO Ted Farnsworth, faces similar charges and is scheduled for trial in March 2025; Farnsworth has been in federal custody since August 2023 due to bond violations involving misuse of company funds. Variety reports: Farnsworth and Lowe were the architects of MoviePass' doomed all-you-can-watch offering, which resulted in hundreds of millions of dollars in investor losses in 2017 and 2018. Investigators found that Lowe tried to stem the losses by throttling the service, forcing high-volume users to reset their passwords and verify their tickets. The two men were charged in November 2022 on counts of wire fraud and securities fraud. According to Lowe's plea agreement, the government estimates the total losses from the scheme at $303 million -- though Lowe contends it is less than that. Lowe remains free on bond, and is due back in court in Miami on March 21 for a status conference. Lowe published a memoir in 2022 in which he reflected on the downfall of MoviePass, entitled "Watch and Learn: How I Turned Hollywood Upside Down with Netflix, Redbox, and Moviepass."

Last October Slashdot reported on René Rebe's discovery of a random illegal instruction speculation bug on AMD Ryzen 7000-series and Epyc Zen 4 CPUs — which Rebe discussed on his YouTube channel.

But this week's YouTube episode had a different ending, reports Tom's Hardware... Two days ago, tech streamer and host of Code Therapy René Rebe was streaming one of many T2 Linux (his own custom distribution) development sessions from his office in Germany when he abruptly had to remove his microphone and walk off camera due to the arrival of police officers. The officers subsequently cuffed him and took him to the station for an hour of questioning, a span of time during which the stream continued to run until he made it back...

[T]he police seemingly have no idea who did it and acted based on a tip sent with an email. Finding the perpetrators could take a while, and options will be fairly limited if they don't also live in Germany.
Rebe has been contributing to Linux "since as early as 1998," according to the article, "and started his own T2 SD3 Embedded Linux distribution in 2004, as well." (And he's also a contributor to many other major open source projects.)

The article points out that Linux and other communities "are compelled by little-to-no profit motive, so in essence, René has been providing unpaid software development for the greater good for the past two decades."

In 1980 a 23-year-old woman was shot multiple times by an unknown assailant in a small county in central Kansas.

44 years later, the county sheriff made a Facebook post... Over the years, dozens of law enforcement officers looked at the case to no avail. In mid-2022 I was approached by Detective Sgt. Adam Hales to reopen the case using new techniques and technology that were now available at the time of the murder. In all honesty, it was with some degree of skepticism that I authorized the expenditure of manpower and resources... Many of the witnesses as well as law enforcement officers that were originally involved in the case had died and interviews were not possible.
A statement from the Kansas attorney general's office says the police investigation culminated with an interview with Steven Hanks, a neighbor of the woman, who admitted to the killing. Hanks (who is now 70 years old) was arrested and charged with murder and second-degree, according to the county sheriff's Facebook post: On a personal note, I was 18 years old and a senior in high school when this homicide occurred. I remember it well. By 1982 I had started with the Sheriff's Office as a reserve deputy and have been associated with the Barton County Sheriff's Office ever since. I worked for the four Sheriff's that preceded me and this homicide has haunted all of us. It bothers me that many of the people who were so affected by this tragic crime have since passed away prior to bringing the suspect to justice. I consider myself fortunate that I had the resources and the diligent personnel to close this case.
The Facebook post ends with a 1980 photo of 23-year-old Mary Robin Walter — who besides being a nursing school student was also a wife and mother — next to a booking photo of 70-year-old Steven Hanks.

Hanks has been sentenced to up to 25 years in prison

Police in Italy "smashed" a videogame trafficking ring, reports the BBC. They seized fake vintage Nintendo, Sega and Atari consoles that didn't meet strict safety standards, as well as counterfeit games — including Mario Bros., Street Fighter and Star Wars — that together were worth almost €50m ($55.5m) Around 12,000 consoles holding over 47 million pirated video games were seized by police, Alessandro Langella, head of the economic crime unit for Turin's financial police, told the AFP news agency... They were "all from China" and were imported to be sold in specialised shops or online, Mr Langella said...

The seized games have been destroyed. Nine Italian nationals have been arrested and charged with trading in counterfeited goods. If found guilty, they face up to eight years in prison.

Former FTX CEO Sam Bankman-Fried's legal team has filed an appeal challenging his conviction on seven felony counts and his 25-year prison sentence. They argue that he was not presumed innocent, that the jury received incomplete information about FTX user funds, and that the prosecution's narrative was biased. CoinTelegraph reports: In a Sept. 13 filing in the United States Court of Appeals for the Second Circuit, SBF's lawyers filed a 102-page brief claiming that the former FTX CEO was "never presumed innocent," subject to scrutiny that allegedly affected prosecutors, the presiding judge, and treatment by the media. Bankman-Fried's legal team announced in April -- a few weeks after a federal judge sentenced him to 25 years in prison -- that they intended to appeal. According to the appeal, SBF's lawyers alleged the jury was "only allowed to see half the picture" with FTX user funds, claiming prosecutors had "presented a false narrative" that the money was permanently lost and Bankman-Fried intentionally caused that loss. They also claimed that counsel for the FTX debtors worked with the US government in a way that was above and beyond "cooperation," providing information allegedly as an "arm of the prosecution."

"From day one, the prevailing narrative -- initially spun by the lawyers who took over FTX, quickly adopted by their contacts at the US Attorney's Office -- was that Bankman-Fried had stolen billions of dollars of customer funds, driven FTX to insolvency, and caused billions in losses," said the appeal. "Now, nearly two years later, a very different picture is emerging -- one confirming FTX was never insolvent, and in fact had assets worth billions to repay its customers. But the jury at Bankman-Fried's trial never got to see that picture." The legal team requested the appellate court grant SBF a new trial with a different judge. It's unclear whether the Second Circuit could rule to affirm Bankman-Fried's conviction in the US District Court for the Southern District of New York or reverse the decision and set the groundwork for a new trial.

Japan is overhauling how its ubiquitous 24-hour mini-police stations are operated nationwide as more crime fighting moves from the streets to the web. From a report: Called koban in Japanese, officers at these small police boxes handle a variety of tasks from responding to crime and patrolling neighborhoods to handling lost items. There are also chuzaisho outposts where police officers live full-time. The National Police Agency will update operational rules on Friday to allow some outposts to shut down at night if necessary. It will also allow greater flexibility on the use of mobile or temporary outposts, depending on local needs and staffing considerations.

Prefectural police will decide on changes involving specific outposts. Japan's koban system dates back to 1874 and is believed to have started operating around the clock in the 1880s. There were 6,215 kobans and 5,923 live-in outposts across Japan as of April. They have inspired countries like Singapore and Brazil to set up similar outposts focused on community policing. The change comes amid shifting crime patterns. Roughly 700,000 crime cases were reported in 2023, down more than 70% from the post-World War II peak in 2002. Street crime, like purse-snatching and car break-ins, were down around 80% to 240,000 cases. Instead, online and phone-based crimes, like impersonation scams and romance scams, are on the rise.

South Korean police have arrested two former Samsung executives for allegedly leaking $3.2 billion worth of Samsung secrets to China to aid in building 20nm DRAM chips. Tom's Hardware reports: The authorities reported that one of the arrested suspects, 66-year-old Mr. Choi, set up a joint venture building chips in China alongside some local officials and served as its CEO. He was allegedly assisted by a plant designer, Mr. Oh, in this venture, while he also attempted to recruit other South Korean experts to work for him. However, Choi's arrest comes after being suspected of leaking Samsung memory technologies to build 20nm DRAM chips at the Chinese factory, Chengdu Gaozhen.

Samsung is one of the leading memory manufacturers, working with other major companies like Nvidia to produce VRAM while offering its own storage and memory solutions. The police said Choi's move "weakened the nation's competitiveness when the countries are in a global chip war." With the capture of the company's head, the authorities claim that this will stop the operation of the Chinese venture. However, investigators are still looking into the case to determine if other cases of industrial espionage will spring up from this case.