An anonymous reader quotes a report from Ars Technica: Earlier this year, the International Organization for Migration reported that more than 3 million refugees fleeing war-torn Ukraine were "at heightened risk of exploitation." Human trafficking cases, they warned, involved refugees more likely to leave home suddenly without secure financial resources and "less likely to be identified in the immediate aftermath of mass displacement." Since February, the European Union announced (PDF) that the number is even larger, counting more than 5.4 million people who "have arrived in the European Union since the beginning of the war in Ukraine." "All relevant stakeholders have recognized that the threat of trafficking in human beings is high and imminent," EU's human trafficking plan states. Since women and children represent the majority of refugees fleeing, the plan says they are believed to be most at risk.

To respond, the EU began monitoring online and offline human trafficking risks, and experts called for countries across Europe to start working together to shield refugees during this uncertain time of conflict. This week, the EU's law enforcement agency focused on cybercrimes, Europol, reported that it had done exactly that by coordinating the first online EU-wide hackathon. By bringing together law enforcement authorities from 20 countries to aid in their investigations, the hackathon targeted criminal networks using social platforms and websites to map out the online criminal landscape of human trafficking across Europe. In particular, Europol noted in its report, "investigators targeted human traffickers attempting to lure Ukrainian refugees."

"The Internet and human trafficking are interlinked," Europol stated in its report, which identified 30 online platforms "related to vulnerable Ukrainian refugees," 10 specifically targeting refugees for human trafficking. Europol identified 80 persons/usernames (with 30 possibly exploiting Ukrainian refugees), 11 suspected human traffickers (five believed to be targeting Ukrainian refugees), and 45 possible victims, 25 of which were Ukrainian. Countries involved in the hackathon were Austria, Albania, Belgium, Denmark, France, Finland, Germany, Greece, Hungary, Lithuania, Netherlands, Portugal, Poland, Romania, Slovenia, Slovakia, Spain, Sweden, the United Kingdom, and Ukraine. Online platforms probed during the hackathon included "a wide range of websites" and "social media, dating platforms, advertising and aid platforms, forums and messaging applications."

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, "America is looking for me because I have enormous information and they need it." From the report: On June 22, KrebsOnSecurity published Meet the Administrators of the RSOCKS Proxy Botnet, which identified Denis Kloster, a.k.a. Denis Emelyantsev, as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as "proxies" to cybercriminals looking for ways to route their malicious traffic through someone else's computer. A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master's identity on the cybercrime forums to Kloster's personal blog, which featured musings on the challenges of running a company that sells "security and anonymity services to customers around the world." Kloster's blog even included a group photo of RSOCKS employees.

The Bulgarian news outlet 24Chasa.bg reports that Kloster was arrested in June at a co-working space in the southwestern ski resort town of Bansko, and that the accused asked to be handed over to the American authorities. "I have hired a lawyer there and I want you to send me as quickly as possible to clear these baseless charges," Kloster reportedly told the Bulgarian court this week. "I am not a criminal and I will prove it in an American court." 24Chasa said the defendant's surname is Emelyantsev and that he only recently adopted the last name Kloster, which is his mother's maiden name. As KrebsOnSecurity reported in June, Kloster also appears to be a major player in the Russian email spam industry. [...] Kloster turned 36 while awaiting his extradition hearing, and may soon be facing charges that carry punishments of up to 20 years in prison.

Police in the UK have arrested a 17-year-old suspected hacker. Reports suggest the arrest is connected to the Rockstar Games hack that led to a major Grand Theft Auto VI leak. The individual may have been involved with an intrusion on Uber as well. From a report: According to journalist Matthew Keys' sources, the arrest is the result of an investigation involving the City of London Police, the UK's National Cyber Crime Unit and the FBI. Keys noted that the police and/or the FBI will reveal more details about the arrest later today. The City of London Police told Engadget it had "no further information to share at this stage."

The GTA VI leak is unquestionably one of the biggest in video game history. Last weekend, the hacker shared a trove of footage from a test build of the game, which is one of the most hotly anticipated titles around. Rockstar, which tends to keep a tight lid on its development process, confirmed on Monday that the leak was legitimate. It said the incident won't impact work on the game and that it will "properly introduce" fans to the next title in the blockbuster series once it's ready.

Five luxury cars, including two BMWs, two McLarens, and a Lamborghini, have been seized from 23-year-old Aiden Pleterski, the self-described "crypto king" of Canada, during bankruptcy proceedings according to a new report from the CBC. But those cars are only worth a fraction of the $35 million that Pleterski allegedly took from investors who thought he'd make them rich in the cryptocurrency market, and it's not clear whether they'll ever see their money again. Gizmodo reports: Pleterski and his company AP Private Equity Limited are facing at least two civil lawsuits after 140 people have come forward to say they invested a combined $35 million with Pleterski. Those people believed they were investing in cryptocurrency, and Pleterski's online presence -- including photos of the 23-year-old on private jets and next to luxury cars-- helped create the image that he knew what he was doing.

Pleterski's YouTube channel and Instagram account have been deleted but it appears he purchased articles on websites like Forbes.mc (the top level domain for Monaco) and the far-right news outlet Daily Caller to get his name associated with success in crypto investment. The Daily Caller article from December 2021 includes a photo of Pleterski looking at his phone in what appears to be a private jet. Notably, December 2021 was a time when cryptocurrencies like bitcoin and ethereum were trading near all-time highs. The headline reads, "Aiden Pleterski: Meet the Young Canadian Investor Who Is Taking the World of Crypto By Storm."

The question remains whether Pleterski actually invested any of the money in crypto to begin with, and speaks to just how strange the crypto market has been over the past year. For all anyone knows, Pleterski may have actually invested the money and lost it like so many others since the peak of November 2021. Bitcoin is down 56% since its price a year ago, while ethereum is down 57%. Pleterski insists he invested the money but that he's just bad with record-keeping. But some investors suspect Pleterski didn't even bother investing the money, instead pocketing it for himself, according to people who spoke with the CBC. Investors are trying to get their money back through the bankruptcy court and two civil lawsuits, but criminal charges haven't been pursued, even though some have reported their incidents to Toronto police, according to the CBC.

Charter Communications must pay over $1.1 billion to the estate and family of an 83-year-old woman murdered in her home by a Spectrum cable technician, a Dallas County Court judge ruled yesterday. Ars Technica reports: A jury in the same court previously ordered Charter to pay $7 billion in punitive damages and $337.5 million in compensatory damages. Judge Juan Renteria lowered the award in a ruling issued yesterday. The damages are split among the estate and four adult children of murder victim Betty Thomas. Renteria did not change the compensatory damages but lowered the punitive damages awarded to the family to $750 million. Pre-judgment interest on the damages pushes Charter's total liability to over $1.1 billion.

It isn't surprising that the judge lowered the payout, in which the jury decided punitive damages should be over 20 times higher than what Charter is liable for in compensatory damages. A nine-to-one ratio is often used as a maximum because of a 2003 US Supreme Court ruling that said: "In practice, few awards exceeding a single-digit ratio between punitive and compensatory damages, to a significant degree, will satisfy due process." Former Spectrum technician Roy Holden pleaded guilty to the 2019 murder of customer Betty Thomas and was sentenced to life in prison in April 2021. Charter was accused of hiring Holden without verifying his employment history and ignoring a series of red flags about his behavior, which included stealing credit cards and checks from elderly female customers.

An anonymous reader quotes a report from Reuters: Germany's general data retention law violates EU law, Europe's top court ruled on Tuesday, dealing a blow to member states banking on blanket data collection to fight crime and safeguard national security. The law may only be applied in circumstances where there is a serious threat to national security defined under very strict terms, the Court of Justice of the European Union (CJEU) said. The ruling comes after major attacks by Islamist militants in France, Belgium and Britain in recent years. Governments argue that access to data, especially that collected by telecoms operators, can help prevent such incidents, while operators and civil rights activists oppose such access.

The latest case was triggered after Deutsche Telekom unit Telekom Deutschland and internet service provider SpaceNet AG challenged Germany's data retention law arguing it breached EU rules. The German court subsequently sought the advice of the CJEU which said such data retention can only be allowed under very strict conditions. "The Court of Justice confirms that EU law precludes the general and indiscriminate retention of traffic and location data, except in the case of a serious threat to national security," the judges said. "However, in order to combat serious crime, the member states may, in strict compliance with the principle of proportionality, provide for, inter alia, the targeted or expedited retention of such data and the general and indiscriminate retention of IP addresses," they said.

A Maryland judge has overturned the murder conviction of Adnan Syed, in the latest twist to the case at the center of the hit podcast series Serial. From a report: Baltimore City Circuit Judge Melissa Phinn vacated the 41-year-old's conviction and granted him a new trial on Monday, ordering his release after more than 23 years behind bars. The move came after prosecutors made a request for his release on Wednesday saying that "the state no longer has confidence in the integrity of the conviction." Prosecutors said that an almost year-long investigation had cast doubts about the validity of cellphone tower data and uncovered new information about the possible involvement of two alternate unnamed suspects.

Syed was convicted in 2000 of first-degree murder, robbery, kidnapping and imprisonment of his ex-girlfriend Hae Min Lee. Lee, 18, vanished after leaving her high school on 13 January 1999. Her strangled body was found in a shallow grave in a Baltimore park around a month later. Syed has always maintained his innocence. In a tweet shortly after the ruling was made, Serial tweeted: "Sarah was at the courthouse when Adnan was released, a new episode is coming tomorrow morning."

South Korean prosecutors have refuted Do Kwon's claim from over the weekend that he is not on the run and asked Interpol to issue a red notice against the Terraform Labs' co-founder, escalating the publicly playing out drama following the $40 billion wipeout on his cryptocurrency startup in May this year. From a report: The Seoul Southern District Prosecutor's Office said that Kwon was not cooperating with the investigation and had told them (through his lawyer last month) that he had no intention to appear for questioning, according to official statements cited by local media Yonhap. The prosecutors have asked Seoul's foreign ministry to revoke Kwon's passport and said they have "circumstantial evidence" that Kwon is attempting to escape. An Interpol red notice, which is a call to law enforcement worldwide, can prevent individuals from being issues visas, restrict their cross border travels, and "provisionally arrest a person pending extradition, surrender or similar legal action." Over the weekend, Kwon claimed he was not on the run from any government agency that had "shown interest to communication." He added in a tweet: "We are in full cooperation and we don't have anything to hide."

The world's freight-carrying trucks and ships use GPS-based satellite tracking and navigation systems, reports ZDNet. But "Criminals are turning to cheap GPS jamming devices to ransack the cargo on roads and at sea, a problem that's getting worse...." Jammers work by overpowering GPS signals by emitting a signal at the same frequency, just a bit more powerful than the original. The typical jammers used for cargo hijackings are able to jam frequencies from up to 5 miles away rendering GPS tracking and security apparatuses, such as those used by trucking syndicates, totally useless. In Mexico, jammers are used in some 85% of cargo truck thefts. Statistics are harder to come by in the United States, but there can be little doubt the devices are prevalent and widely used. Russia is currently availing itself of the technology to jam commercial planes in Ukraine.

As we've covered, the proliferating commercial drone sector is also prey to attack.... During a light show in Hong Kong in 2018, a jamming device caused 46 drones to fall out of the sky, raising public awareness of the issue.
While the problem is getting worse, the article also notes that companies are developing anti-jamming solutions for drone receivers, "providing protection and increasing the resiliency of GPS devices against jamming attacks.

"By identifying and preventing instances of jamming, fleet operators are able to prevent cargo theft."

Long-time Slashdot reader n3hat writes: The BBC reports that a thief has been emptying gym patrons' accounts by stealing their bank card and mobile phone, registering the account to the thief's own mobile, and emptying the victims' bank accounts. The thief works around 2-factor authentication by taking advantage of the victim's phone having been configured to show notifications on the lock screen, so the thief can view the 2FA credential even though they don't have the unlock code.

The article gives instructions on how to disable notifications on the lock screen, for both iPhone and Android.

SpzToid writes: U.S. government officials are adding data from as many as 10,000 electronic devices each year to a massive database they've compiled from cellphones, iPads and computers seized from travelers at the country's airports, seaports and border crossings, leaders of Customs and Border Protection told congressional staff in a briefing this summer. The rapid expansion of the database and the ability of 2,700 CBP officers to access it without a warrant -- two details not previously known about the database -- have raised alarms in Congress about what use the government has made of the information, much of which is captured from people not suspected of any crime. CBP officials told congressional staff the data is maintained for 15 years.

Details of the database were revealed Thursday in a letter to CBP Commissioner Chris Magnus from Sen. Ron Wyden (D-Ore.), who criticized the agency for "allowing indiscriminate rifling through Americans' private records" and called for stronger privacy protections. The revelations add new detail to what's known about the expanding ways that federal investigators use technology that many Americans may not understand or consent to. Agents from the FBI and Immigration and Customs Enforcement, another Department of Homeland Security agency, have run facial recognition searches on millions of Americans' driver's license photos. They have tapped private databases of people's financial and utility records to learn where they live. And they have gleaned location data from license-plate reader databases that can be used to track where people drive.

A court in South Korea has issued an arrest warrant for Do Kwon, the founder of Terraform Labs, escalating its probe into the crypto ecosystem whose two tokens lost $40 billion in value in a span of days earlier this year. From a report: LUNA, the new token of the revived ecosystem, dropped as high as 48.4% to $2.23 apiece on the news, which was earlier reported by local media Yonhap, before recovering slightly. The South Korean court has issued arrest warrants for six people, the news outlet reported, adding that the prosecutors believe the individuals have violated the nation's capital market rules.

Bruce66423 shares a report from the Associated Press: A rape victim whose DNA from her sexual assault case was used by San Francisco police to arrest her in an unrelated property crime on Monday filed a lawsuit against the city. During a search of a San Francisco Police Department crime lab database, the woman's DNA was tied to a burglary in late 2021. Her DNA had been collected and stored in the system as part of a 2016 domestic violence and sexual assault case, then-District Attorney Chesa Boudin said in February in a shocking revelation that raised privacy concerns. "This is government overreach of the highest order, using the most unique and personal thing we have -- our genetic code -- without our knowledge to try and connect us to crime," the woman's attorney, Adante Pointer, said in a statement.

The revelation prompted a national outcry from advocates, law enforcement, legal experts and lawmakers. Advocates said the practice could affect victims' willingness to come forward to law enforcement authorities. Federal law already prohibits the inclusion of victims' DNA in the national Combined DNA Index System. There is no corresponding law in California to prohibit local law enforcement databases from retaining victims' profiles and searching them years later for entirely different purposes.

Boudin said the report was found among hundreds of pages of evidence against a woman who had been recently charged with a felony property crime. After learning the source of the DNA evidence, Boudin dropped the felony property crime charges against the woman. The police department's crime lab stopped the practice shortly after receiving a complaint from the district attorney's office and formally changed its operating procedure to prevent the misuse of DNA collected from sexual assault victims, Police Chief Bill Scott said. Scott said at a police commission meeting in March that he had discovered 17 crime victim profiles, 11 of them from rape kits, that were matched as potential suspects using a crime victims database during unrelated investigations. Scott said he believes the only person arrested was the woman who filed the lawsuit Monday.

Nikhil Wahi, brother of former Coinbase product manager Ishan Wahi, pleaded guilty in a Monday hearing to one count of conspiracy to commit wire fraud in connection with an alleged insider trading scheme. Decrypt reports: "Less than two months after he was charged, Nikhil Wahi admitted in court today that he traded in crypto assets based on Coinbase's confidential business information to which he was not entitled," said Damien Williams of the U.S. Attorney's Office in New York in a statement. "For the first time ever, a defendant has admitted his guilt in an insider trading case involving the cryptocurrency markets," Williams continued. "Today's guilty plea should serve as a reminder to those who participate in the cryptocurrency markets that the Southern District of New York will continue to steadfastly police frauds of all stripes and will adapt as technology evolves."

Nikhil now awaits sentencing in December, which could mean up to 20 years in prison. He has also been ordered to give back the money earned as a result of the illicit Coinbase trading, Williams said. Back in July, the Justice Department charged Ishan, Nikhil, and their friend Sameer Ramani with wire fraud conspiracy and wire fraud as it relates to cryptocurrency insider trading. The Securities and Exchange Commission also filed charges against the trio. While he was working at Coinbase, Ishan allegedly shared his insider knowledge of upcoming Coinbase listing announcements with Nikhil and Sameer to then profit from the listings by purchasing the tokens before they went live on Coinbase. In August, Ishan pled not guilty to the DOJ's charges. Now that his brother has pleaded guilty, it's unclear how Ishan's case will proceed and whether he will continue to fight the insider trading case.

According to the DOJ's statement released Monday, Nikhil implicated his brother Ishan and admitted to receiving tips from him. Nikhil then reportedly used numerous different crypto wallets in others' names to anonymize his insider trading. Concerns of insider trading at cryptocurrency exchanges extend beyond just this case, which is considered the first of its kind and is likely to set a precedent. Three Australian finance academics have posited that up to 25% of Coinbase listings in the past four years may have involved some insider trading.

An anonymous reader quotes a report from TorrentFreak: Prosecutors in Taiwan have indicted five men for running an operation that uploaded movies to the internet and then extorted cash settlements from the BitTorrent users who downloaded them. One of the men is former ultramarathon runner Kevin Lin, who founded a copyright consultancy company after graduating from law school in 2020. According to reports, Lin's company enticed users to download the torrents, tracked their IP addresses, and then filed copyright lawsuits in an effort to profit from cash settlements. Lin said that due to his support for the opposition government and his criticism of its handling of the COVID-19 pandemic, the investigation against him is politically motivated.

In May 2021, licenses were obtained from Vie Vision Pictures Co. and Applause Entertainment Ltd, which led to 18 movies being uploaded to BitTorrent networks, to tempt users into downloading them. After capturing their IP addresses, Lin's company obtained their identities from ISPs and sued them. The goal was to obtain out-of-court settlements. Since August 2021, Lin's company filed 937 lawsuits for copyright infringement. In just 25 of those cases, the company managed to "extort" settlements of $29,207, FocusTaiwan reports. In addition to Lin, several other people have also been indicted for their part in the operation.

Elizabeth Holmes -- the founder of blood testing startup Theranos and the poster child for misleading investors, media, and innocent people looking for medical care through a web of deceit -- wants a do-over. She is requesting a new trial, according to a document filed Tuesday in the Southern District Court of California. Gizmodo reports: The motion for a new trial, authored by Holmes' attorneys, hinges on "newly discovered evidence," specifically: the alleged testimony regrets of Adam Rosendorff. Rosendorff was a lab director at Theranos and later, testified as a key witness in the case against Holmes and her ex-boyfriend/partner in crime Ramesh "Sunny" Balwani. His original testimony lasted multiple days and emphasized the pressure that Theranos employees were under to demonstrate the faulty diagnostic technology worked, even when it didn't.

"I felt that it was a question on my integrity as a physician not to remain there and to continue to bolster results I essentially didn't have faith in," Rosendorff said while on the witness stand in 2021, according to CNBC. "I came to understand that management was not sincere in diverting resources to solve issues." Now, Holmes and her lawyers are claiming that Rosendorff left a voicemail and then showed up at Holmes' residence on August 8 in a desperate bid to communicate that he "felt he had done something wrong, apparently in connection with Ms. Holmes' trial." The motion, supposedly paraphrasing Rosendorff, says that the former Theranos employee stated, "the government made things seem worse than they were."

In the document, Holmes' legal team wrote, "Under any interpretation of his statements, the statements warrant a new trial under Rule 33. But, at a minimum, and to the extent the Court has any doubt about whether a new trial is required, the Court should order an evidentiary hearing and permit Ms. Holmes to subpoena Dr. Rosendorff to testify about his concerns." Holmes was found guilty in January on four of 11 charges defrauding the company's investors and patients. She was found not guilty on four counts.

In July, Balwani was found guilty of 12 counts of conspiracy and fraud against certain investors and patients.

An anonymous reader quotes a report from the Associated Press: One of the strictest internet privacy laws in the United States has withstood a legal challenge, as a group of telecommunication providers has dropped its bid to overturn the Maine standard. Maine created one of the toughest rules in the nation for internet service providers in 2020 when it began enforcing an "opt-in" web privacy standard. The law stops the service providers from using, disclosing, selling or providing access to customers' personal information without permission.

Industry associations swiftly sued with a claim that the new law violated their First Amendment rights. A federal judge rejected that challenge, but legal wrangling continued. The groups, which include the country's biggest telecommunications providers, filed to dismiss the lawsuit on Sept. 2, said Maine Attorney General Aaron Frey. Frey said the state's privacy law held up despite the efforts of an "army of industry lawyers organized against us," and now other states can follow Maine's lead. "Maine's Legislature wisely sought to protect Maine residents by restricting the disclosure and use of their most private and personal information," Frey said.

The Maine Legislature passed the bill, proposed by former Democratic state Sen. Shenna Bellows, who is now Maine's secretary of state, in 2019. Internet service providers then sued in February 2020, and attorneys for Maine have been in court defending the law since. The proposal stemmed from a Maine effort to bring back rules implemented during President Barack Obama's tenure that were repealed by Congress during President Donald Trump's term. Industry plaintiffs agreed to reimburse Maine for more than $55,000 in costs incurred defending the law, Frey said. Maine is also home to the strictest facial recognition law of its kind. It was passed last July and "prohibits government use of facial recognition except in specifically outlined situations, with the most broad exception being if police have probable cause that an unidentified person in an image committed a serious crime, or for proactive fraud prevention," reports Motherboard.

"Crucially, the law plugs loopholes that police have used in the past to gain access to the technology, like informally asking other agencies or third parties to run backchannel searches for them. Logs of all facial recognition searches by the BMV must be created and are designated as public records."

A simple digital card praising Islamist militants for an attack on a Taliban position in Afghanistan last month is the first known nonfungible token created and disseminated by a terrorist sympathizer, according to former senior U.S. intelligence officials. From a report: It is a sign that Islamic State and other terror groups may be preparing to use the emerging financial technology to sidestep Western efforts to eradicate their online fundraising and messaging, they said. The NFT, visible on at least one NFT trading website and titled "IS-NEWS #01," bears Islamic State's emblem. It was created by a supporter of the group, likely as an experiment to test a new outreach and funding strategy for ISIS, the former officials said.

Regulators and national-security officials have expressed concern about the potential for terrorists to exploit new financial technologies and markets, including NFTs. "It was only a matter of time," said Yaya Fanusie, a former economic and counterterrorism analyst at the Central Intelligence Agency. An NFT is a unit of data stored on a blockchain -- a database of transactions organized without the need for a central trusted authority. The technology first emerged as a means of tracking, valuing and trading digital assets, but developers say that it has much broader applications, such as digital concert tickets and branded collectibles like digital trading cards.

Slashdot reader artmancc writes: Like aircraft, many of the world's ocean-going vessels are required to have transponders that broadcast their location. The information is public and can be seen on websites such as AIS Marine Traffic. But according to an analysis reported in The New York Times , a maritime data company called Windward "has uncovered more than 500 cases of ships manipulating their satellite navigation systems to hide their locations."

The article, by Anatoly Kurmanaev, highlights the Cyprus-registered tanker Reliant, which was observed taking on oil at a Venezuelan refinery last December. At the same time, however, the ship was reporting its position as some 300 nautical miles (about 500 kilometers) away, "drifting innocuously off the coast of St. Lucia."
It's illegal (under international law), but the rapidly-growing practice lets ships circumvent international laws and sanctions, the Times reports, and "could transform how goods are moved around the world, with profound implications for the enforcement of international law, organized crime and global trade." Its use has included Chinese fishing fleets hiding operations in protected waters off South America, tankers concealing stops in Iranian oil ports, and container ships obfuscating journeys in the Middle East. A U.S. intelligence official, who discussed confidential government assessments on the condition of anonymity, said the deception tactic had already been used for weapons and drug smuggling. After originally discovering the deception near countries under sanction, Windward has since seen it spread as far as Australia and Antarctica.

"It's a new way for ships to transmit a completely different identity," said Matan Peled, a founder of Windward. "Things have unfolded at just an amazing and frightening speed...." The spread of AIS manipulation shows how easy it has become to subvert its underlying technology — the Global Positioning System, or GPS — which is used in everything from cellphones to power grids, said Dana Goward, a former senior U.S. Coast Guard official and the president of Resilient Navigation and Timing Foundation, a Virginia-based GPS policy group. "This shows just how vulnerable the system is," he said.

Faruk Fatih Ozer, the founder and CEO of the now-defunct crypto exchange Thodex, has been arrested in the Albanian city of Vlore. PC Gamer reports: Ozer fled following the collapse of Thodex in April 2021: he initially claimed a halt in trading was due to cyberattacks, and that investors' money was safe, before disappearing. Almost immediately afterwards, Turkish police arrested dozens of Thodex employees and seized the firm's computers. It subsequently emerged that, in April 2021, Thodex had moved approximately $125 million worth of bitcoin to the established US crypto exchange Kraken. Given the number of investors in Thodex left with nothing, this looks like straightforward theft from a failing business.

It's not the whole story, either. Cryptocrime analysis firm Chainanalysis addressed Thorex specifically in its overview of 2021, in the wider context of a total $2.8 billion worth of crypto scams over this year being 'rug pulls': wherein a seemingly legitimate business is set up, operates as normal for a while, then suddenly all the money is gone. It's large-scale fraud. "We should note that roughly 90% of the total value lost to rug pulls in 2021 can be attributed to one fraudulent centralized exchange, Thodex, whose CEO disappeared soon after the exchange halted users' ability to withdraw funds," says the Chainanalysis report. That works out at an estimate of around $2.5 billion of crypto.

Six people have already been jailed for their role in Thodex, including family members of Ozer, while 20 other prosecutions are ongoing. The Turkish daily Harriyet reports that state prosecutors are out to set an example: "A prison sentence of 40,564 years is sought for each of these 21 people, including Ozer, as over 2,000 people are included in the indictment as complainants."