A new profile of Jack Thompson, the notorious anti-violent video game crusader of the mid-2000s. The Verge: When the video game industry is valued at $300 billion, a Halo TV series trailer is occupying prime real estate during the AFC Championship, and a GTA facsimile like Free Guy is one of the top-grossing films of the year, it is clear that Jack Thompson lost the fight. For those who don't remember, Thompson was the attorney who led the charge against violent video games and helped morph a fringe topic into a dominant wedge issue of the mid-2000s. He has since vanished from the public eye as the outrage ran dry, and everyone moved on. [...] Thankfully, Jack Thompson was kind enough to answer his phone on a sunny Friday afternoon in South Florida. It only took a few minutes for him to unleash a salvo of takes, forever cocked and loaded for anyone willing to listen. He asserts an association between the rise of crime in New York City to Take-Two, the publisher behind Grand Theft Auto. After all, he explained, Take-Two is headquartered in Manhattan. Thompson is never going to betray his heart, for better or worse.

"Americans are famous for moving on," he told me. "We have the attention span of a mosquito. Churchill said that when most people stumble across the truth, they pick themselves up, dust themselves off, and move on as if nothing happened. What pissed people off about me is that I didn't do that. I'm 70. I'm still here. I haven't died yet." [...] Thompson anticipates a reckoning. Someday, he says, the defense team in a murder trial is going to argue that their client was revved into a frenzy due to, in part, an inveterate video game habit. The jury will buy it, and the suspect will escape the death penalty. At last, all of Thompson's warnings come home to roost, and the real villains -- Tommy Vercetti, Niko Bellic, and Carl Johnson -- will be unmasked for all to see. It's hard for me to even conceptualize the scenario that Thompson describes, but I suppose that anyone still committed to dismantling Grand Theft Auto in 2022 must engage in some degree of magical thinking. "It's going to work, and that's going to get people's attention," said Thompson. "People are going to freak out. They're going to say, 'Wait a minute, somebody can kill somebody and only be convicted of manslaughter by virtue of a video game defense?' ... [they'll want to] do something about the games and their distribution."

Zelle, the payments platform used by millions of customers, is a popular target of scammers. But banks have been reluctant to make fraud victims whole -- despite owning the system. From a report: Consumers love payment apps like Zelle because they're free, fast and convenient. Created in 2017 by America's largest banks to enable instant digital money transfers, Zelle comes embedded in banking apps and is now by far the country's most widely used money transfer service. Last year, people sent $490 billion through Zelle, compared with $230 billion through Venmo, its closest rival. Zelle's immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. There's no way for customers -- and in many cases, the banks themselves -- to retrieve the money.

Nearly 18 million Americans were defrauded through scams involving digital wallets and person-to-person payment apps in 2020, according to Javelin Strategy & Research, an industry consultant. "Organized crime is rampant," said John Buzzard, Javelin's lead fraud analyst. "A couple years ago, we were just starting to talk about it" on apps like Zelle and Venmo, Mr. Buzzard said. "Now, it's common and everywhere." The banks are aware of the widespread fraud on Zelle. When Mr. Faunce called Wells Fargo to report the crime, the customer service representative told him, "A lot of people are getting scammed on Zelle this way." Getting ripped off for $500 was "actually really good," Mr. Faunce said the rep told him, because "many people were getting hit for thousands of dollars."

MattSparkes writes: Bitstamp, Europe's largest cryptocurrency exchange, says it has handed over information on some of its customers to the UK's intelligence agencies, MI5 and MI6. The news suggests that bitcoin and other cryptocurrencies are being used in serious organised crime and terrorism, as well as domestic crime.

The Security Service, also known as MI5, is responsible for preventing terrorism and espionage within the UK, while the Secret Intelligence Service, commonly known as MI6, is tasked with foreign intelligence. Neither organisation tackles ordinary crime, unless there is a threat to national security, and until now no cryptocurrency investigations have been confirmed.

An anonymous reader quotes a report from Gizmodo: It's been less than a month since the New York Times bought Wordle, but it's wasting no time in ruining everyone's favorite word game in all the shitty ways you'd expect from a billion-dollar behemoth. And -- you guessed it -- that means your little daily puzzles are being loaded with ad trackers now, too. Most of us assumed that this was going to happen eventually. I mean, the Times dropped a cool seven-figure sum on a game that's still free to play (at least for right now), so those profits would need to be recouped from somewhere. And this week, some code-savvy Worlders stumbled onto where that "somewhere" was: a dozen different trackers shoved into places where there were literally zero before. Taking a look for ourselves, Gizmodo found that some of the trackers were from the New York Times proper, but most were used to send data to third-party players like Google. [...]

Here's just one nightmare scenario out of the bajillion or so that could come out of a system like this: Ad trackers were created to shove t-shirts and mugs onto all of our timelines, but they can also be used for outright surveillance. There are countless cases of cops using the data gleaned from those shitty ads to track protestors, immigrants, and anyone else they'd want completely warrant-free. And two of the companies that officers tap on the regular for this work -- Google and Oracle (via its infamous Bluekai subsidiary) -- are tied up in Wordle's shiny new trackers. Every time you open the page to see the day's puzzle to complain about how hard it is, the page pings details back to those companies -- and the data it shares can be extremely detailed, as Bluekai's own documents (PDF) lay out. At the very least, it's likely sending broad strokes to say you were on the site at a certain time, while your device was at a certain location.

Sure, adtech players can (and will) pull much shadier shit to share more data on the regular. But as a for instance, if a cop wanted to set a geofence warrant around your neighborhood -- tracking which devices are caught in a specific area at a specific time -- they could easily tap into Bluekai's ad data to get those wheres and whens. And now the fact that you Wordle'd at your local coffee shop on a Tuesday becomes one of the reasons that you ended up on some fed's watch list for a crime you didn't commit but will somehow end up jailed for anyway. This absolute nightmare is almost certainly not what's happening on Wordle right now (phew). And again, this scenario applies to most of the sites you likely visit every day, not just Wordle. But the real scary part about all of this -- at least to me -- is that it can.

Federal investigators spent years hunting for clues in the 2016 hacking of the Bitfinex cryptocurrency exchange, when thieves stole bitcoin now worth $4.5 billion. In the end, what helped lead them to two suspects was something much more quotidian: a $500 Walmart gift card. From a report: That card and more than a dozen others like it, including for Uber, Hotels.com and PlayStation, were linked to emails and cloud service providers belonging to a young Manhattan couple, Ilya "Dutch" Lichtenstein and Heather R. Morgan, according to a criminal complaint. Authorities arrested the couple after seizing $3.6 billion worth of bitcoin allegedly in their control -- the Justice Department's largest financial seizure ever. New details have since emerged about the investigation, in particular how it took advantage of not only advanced forensic tools but also the growing push to rein in crypto crime, including by the industry itself. The discoveries would have been less likely to happen around the time of the hack, when bitcoin was far outside the mainstream of the financial world.

New analysis suggests that 74% of all money made through ransomware attacks in 2021 went to Russia-linked hackers. The BBC reports: Researchers say more than $400 million worth of crypto-currency payments went to groups "highly likely to be affiliated with Russia." Russia has denied accusations that it is harboring cyber-criminals. Researchers also claim "a huge amount of crypto-currency-based money laundering" goes through Russian crypto-companies. Chainalysis, which carried out the research, said it was able to follow the flow of money to and from the digital wallets of known hacking groups using public blockchain transaction records.

In the Chainalysis report, it's highlighted that 9.9% of all known ransomware revenue is going to Evil Corp - an alleged cyber-crime group which the US has issued sanctions and indictments against, but who are operating in Russia with apparent impunity. A BBC investigation in November found that Igor Turashev, one of the accused leaders of Evil Corp, is operating several businesses out of Moscow City's Federation Tower. The tower is one of Russia's most prestigious addresses, home to prominent businesses and with apartments going for millions of dollars. Chainalysis claims several crypto-currency companies based in the tower were used by hackers to launder illicit funds, turning crypto-currency from digital wallet addresses to mainstream money. "In any given quarter, the illicit and risky addresses account for between 29% and 48% of all funds received by Moscow City crypto-currency businesses," researchers allege.

An anonymous reader quotes a report from Ars Technica: The San Francisco Police Department's crime lab has been checking DNA collected from sexual assault victims to determine whether any of the victims committed a crime, according to District Attorney Chesa Boudin, who called for an immediate end to the alleged practice. "The crime lab attempts to identify crime suspects by searching a database of DNA evidence that contains DNA collected from rape and sexual assault victims," Boudin's office said in a press release yesterday. Boudin's release denounced the alleged "practice of using rape and sexual assault victims' DNA to attempt to subsequently incriminate them."

"Boudin said his office was made aware of the purported practice last week, after a woman's DNA collected years ago as part of a rape exam was used to link her to a recent property crime," the San Francisco Chronicle reported yesterday. The woman "was recently arrested on suspicion of a felony property crime, with police identifying her based on the rape-kit evidence she gave as a victim, Boudin said." That was the only example provided, and Boudin gave few details about the case to protect the woman's privacy. But the database may include "thousands of victims' DNA profiles, with entries over 'many, many years,' Boudin said," according to the Chronicle. "We should encourage survivors to come forward -- not collect evidence to use against them in the future. This practice treats victims like evidence, not human beings. This is legally and ethically wrong," Boudin said.

San Francisco Police Chief Bill Scott said the department will investigate and that he is "committed to ending the practice" if Boudin's allegation is accurate. But Scott also said the suspect cited by Boudin may have been identified from a different DNA database. "We will immediately begin reviewing our DNA collection practices and policies... Although I am informed of the possibility that the suspect in this case may have been identified through a DNA hit in a non-victim DNA database, I think the questions raised by our district attorney today are sufficiently concerning that I have asked my assistant chief for operations to work with our Investigations Bureau to thoroughly review the matter and report back to me and to our DA's office partners," Scott said in a statement published by KRON 4. Scott also said, "I am informed that our existing DNA collection policies have been legally vetted and conform with state and national forensic standards," but he noted that "there are many important principles for which the San Francisco Police Department stands that go beyond state and national standards." "We must never create disincentives for crime victims to cooperate with police, and if it's true that DNA collected from a rape or sexual assault victim has been used by SFPD to identify and apprehend that person as a suspect in another crime, I'm committed to ending the practice," Scott said. Even though the alleged practice may already be illegal under California's Victims' Bill of Rights, State Senator Scott Wiener (D-San Francisco) and District 9 Supervisor Hillary Ronen are planning legislation to stop the alleged misuse of DNA.

Wiener said that "if survivors believe their DNA may end up being used against them in the future, they'll have one more reason not to participate in the rape kit process. That's why I'm working with the DA's office to address this problem through state legislation, if needed."

NSO Group's controversial Pegasus spyware should be banned in the European Union, the bloc's in-house privacy watchdog warned on Tuesday. From a report: "The ban on the development and the deployment of spyware with the capability of Pegasus in the EU would be the most effective option to protect our fundamental rights and freedoms," the European Data Protection Supervisor said in a statement on Tuesday. The warning comes amid increasing scrutiny of abuses of surveillance technologies meant to help intelligence and law enforcement agencies fight serious crime and terrorism. While the EU regulator doesn't make decisions for member countries, its influence at the top echelons of the bloc's institutions may encourage other authorities to crack down on surveillance software.

What's the lesson after $3.6 billion in stolen bitcoin was seized by America's Justice Department from the couple who laundering it?

Wired argues it all just shows how hard it is to launder cryptocurrency: In the 24 hours since, the cybersecurity world has ruthlessly mocked their operational security screwups: Lichtenstein allegedly stored many of the private keys controlling those funds in a cloud-storage wallet that made them easy to seize, and Morgan flaunted her "self-made" wealth in a series of cringe-inducing rap videos on YouTube and Forbes columns. But those gaffes have obscured the remarkable number of multi-layered technical measures that prosecutors say the couple did use to try to dead-end the trail for anyone following their money.

Even more remarkable, perhaps, is that federal agents, led by IRS Criminal Investigations, managed to defeat those alleged attempts at financial anonymity on the way to recouping $3.6 billion of stolen cryptocurrency. In doing so, they demonstrated just how advanced cryptocurrency tracing has become — potentially even for coins once believed to be practically untraceable.

Ari Redbord, the head of legal and government affairs for TRM Labs, a cryptocurrency tracing and forensics firm...points to the couple's alleged use of "chain-hopping" — transferring funds from one cryptocurrency to another to make them more difficult to follow — including exchanging bitcoins for "privacy coins" like monero and dash, both designed to foil blockchain analysis. Court documents say the couple also allegedly moved their money through the Alphabay dark web market — the biggest of its kind at the time — in an attempt to stymie detectives....Lichtenstein and Morgan appear to have intended to use Alphabay as a "mixer" or "tumbler," a cryptocurrency service that takes in a user's coins and returns different ones to prevent blockchain tracing....

In July 2017, however — six months after the IRS says Lichtenstein moved a portion of the Bitfinex coins into AlphaBay wallets — the FBI, DEA, and Thai police arrested AlphaBay's administrator and seized its server in a data center in Lithuania. That server seizure isn't mentioned in the IRS's statement of facts. But the data on that server likely would have allowed investigators to reconstruct the movement of funds through AlphaBay's wallets and identify Lichtenstein's withdrawals to pick up their trail again, says Tom Robinson, a cofounder of the cryptocurrency tracing firm Elliptic.
The arrests and "largest financial seizure ever show that cryptocurrency is not a safe haven for criminals..." Deputy Attorney General Lisa O. Monaco said in a press release. "Thanks to the meticulous work of law enforcement, the department once again showed how it can and will follow the money, no matter what form it takes."

Or, as Wired puts it, "Even if your rap videos and sloppy cloud storage accounts don't get you caught, your clever laundering tricks may still not save you from the ever-evolving sophistication of law enforcement's crypto-tracers."

Remember when more than 100,000 Social Security numbers of Missouri teachers were revealed in the HTML code of a state web site? The St. Louis Post-Dispatch's reporter informed the state government and delayed publishings his findings until they'd fixed the hole — but the state's governor then demanded the reporter's prosecution, labelling him "a hacker." In the months that followed, throughout a probe — which for some reason was run by the state's Highway Patrol — the governor had continued to suggest that prosecution of that reporter was imminent.

But it's not. The St. Louis Post-Dispatch reports: A St. Louis Post-Dispatch journalist will not be charged after pointing out a weakness in a state computer database, the prosecuting attorney for Cole County said Friday. Prosecutor Locke Thompson issued a statement to television station KRCG Friday, saying he appreciated Gov. Mike Parson for forwarding his concerns but would not be filing charges....

Parson, who had suggested prosecution was imminent throughout the probe, issued a statement saying Thompson's office believed the decision "was properly addressed...." Post-Dispatch Publisher Ian Caso said in a statement Friday: "We are pleased the prosecutor recognized there was no legitimate basis for any charges against the St. Louis Post-Dispatch or our reporter. While an investigation of how the state allowed this information to be accessible was appropriate, the accusations against our reporter were unfounded and made to deflect embarrassment for the state's failures and for political purposes...."

There is no authorization required to examine public websites, but some researchers say overly broad hacking laws in many jurisdictions let embarrassed institutions lob hacking allegations against good Samaritans who try to flag vulnerabilities before they're exploited....

A political action committee supporting Parson ran an ad attacking the newspaper over the computer incident, saying the governor was "standing up to the fake news media."
Thanks to long-time Slashdot reader UnknowingFool for submitting the story.

"Apple said Thursday it plans to add more safeguards to AirTags to cut down on unwanted tracking," reports CNN, "following reports that the devices have been used to stalk people and steal cars." In a blog post, Apple said it has worked with safety groups and law enforcement agencies to identify more ways to update its AirTag safety warnings, including alerting people sooner if the small Bluetooth tracker is suspected to be tracking someone. (Right now, it can take hours for an AirTag to chirp if it has been separated from its owner.)

Other updates coming later this year include tweaking the tracker's tone sequence so the device is louder and easier to find, and allowing someone to see its distance and direction of an AirTag through the iOS precision finding tool. In addition, Apple will warn AirTag users during the setup process that tracking people without their consent is a crime.
That warning also reminds users "that law enforcement can request identifying information about the owner of the AirTag," Apple writes in their blog post: We have been actively working with law enforcement on all AirTag-related requests we've received. Based on our knowledge and on discussions with law enforcement, incidents of AirTag misuse are rare; however, each instance is one too many. Every AirTag has a unique serial number, and paired AirTags are associated with an Apple ID. Apple can provide the paired account details in response to a subpoena or valid request from law enforcement. We have successfully partnered with them on cases where information we provided has been used to trace an AirTag back to the perpetrator, who was then apprehended and charged.
"We condemn in the strongest possible terms any malicious use of our products," Apple's blog post adds.

Daring Fireball supplies some analysis: The same features that help prevent AirTags from being used to stalk people without their knowing could also alert a thief that whatever it is they've stolen has an AirTag attached. There's no way for AirTags to serve both purposes, so Apple is increasing the protections against unwanted tracking, and emphasizing that AirTags are solely intended for finding your own lost items.

A "shadowy hacker group" named Modified Elephant has been targeting people throughout India "for at least a decade," reports Gizmodo, "sometimes using its digital powers to plant fabricated evidence of criminal activity on their devices. That phony evidence has, in turn, often provided a pretext for the victims' arrest."

They cite a new report from cybersecurity firm Sentinel One "illuminating the way in which its digital dirty tricks have been used to surveil and target "human rights activists, human rights defenders, academics, and lawyers" throughout India. The most prominent case involving Elephant centers around Maoist activist Rona Wilson and a group of his associates who, in 2018, were arrested by India security services and accused of plotting to overthrow the government. Evidence for the supposed plot — including a word document detailing plans to assassinate the nation's prime minister, Narendra Modi — was found on the Wilson's laptop. However, later forensic analysis of the device showed that the documents were actually fake and had been artificially planted using malware. According to Sentinel researchers, it was Elephant that put them there.

This case, which gained greater exposure after being covered by the Washington Post, was blown open after the aforementioned laptop was analyzed by a digital forensics firm, Boston-based Arsenal Consulting. Arsenal ultimately concluded that Wilson and all of his so-called co-conspirators, as well as many other activists, had been targeted with digital manipulation....

According to the Sentinel One's report, Elephant uses common hacking tools and techniques to gain a foothold in victims' computers. Phishing emails, typically tailored to the victim's interests, are loaded with malicious documents that contain commercially available remote access tools (RATs) — easy-to-use programs available on the dark web that can hijack computers....

An entirely different group is believed to have conducted similar operations against Baris Pehlivan, a journalist in Turkey who was incarcerated for 19 months in 2016 after the Turkish government accused him of terrorism. Digital forensics later revealed that the documents used to justify Pehlivan's charges had been artificially implanted, much like those on Wilson's laptop.

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase. A report published on Tuesday is only the latest one involving Magecart, an umbrella term given to competing crime groups that infect e-commerce sites with skimmers. Over the past few years, thousands of sites have been hit by exploits that cause them to run malicious code. When visitors enter payment card details during purchase, the code sends that information to attacker-controlled servers.

Sansec, the security firm that discovered the latest batch of infections, said the compromised sites were all loading malicious scripts hosted at the domain naturalfreshmall[.]com. "The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form," firm researchers wrote on Twitter. "Payments are sent to https://naturalfreshmall.com/p...." The hackers then modified existing files or planted new files that provided no fewer than 19 backdoors that the hackers could use to retain control over the sites in the event the malicious script was detected and removed and the vulnerable software was updated. The only way to fully disinfect the site is to identify and remove the backdoors before updating the vulnerable CMS that allowed the site to be hacked in the first place.

Sansec worked with the admins of hacked sites to determine the common entry point used by the attackers. The researchers eventually determined that the attackers combined a SQL injection exploit with a PHP object injection attack in a Magento plugin known as Quickview. [...] It's not hard to find sites that remain infected more than a week after Sansec first reported the campaign on Twitter. At the time this post was going live, Bedexpress[.]com continued to contain this HTML attribute, which pulls JavaScript from the rogue naturalfreshmall[.]com domain. The hacked sites were running Magento 1, a version of the e-commerce platform that was retired in June 2020. The safer bet for any site still using this deprecated package is to upgrade to the latest version of Adobe Commerce. Another option is to install open source patches available for Magento 1 using either DIY software from the OpenMage project or with commercial support from Mage-One.

An anonymous reader quotes a report from Motherboard: A section of the New York Police Department (NYPD) focused on intelligence gathering received a demo of NSO Group's controversial Pegasus spyware product, according to an email obtained by Motherboard. The news provides more insight into Israeli company NSO Group's push into the surveillance market in the United States, and specifically its pitching of the company's technology to American police forces. The findings come after the New York Times reported that the FBI bought a Pegasus license in 2019 for evaluation purposes.

"There will be a demo of the attached investigative software at the Rutgers School of Criminal Justice," James Sheehan, a program manager from the Northern New Jersey-Newark/Jersey City UASI, wrote in the August 2015 email. The UASI is the Urban Area Security Initiative, a program administered by the Department of Homeland Security which brings together bodies from law enforcement, fire service, public health, and more to address threats of terrorism and other issues. "The audience is the UASI/CorrStat region and NYPD intel," Sheehan continued. Recipients on Sheehan's email inviting people to attend included representatives from the Bergen County Prosecutor's Office, Jersey City's public safety agency, and the Paterson Police Department, a city of just over 150,000.

Attached to Sheehan's email was a brochure for Pegasus, NSO Group's hacking product, which advertised the tool's ability to obtain a target's calls, contacts, emails, WhatsApp messages, track their location, and more. The brochure contains a logo for WestBridge, NSO Group's North American branch. "Turn Your Target's Smartphone into an Intelligence Gold Mine," the Pegasus brochure reads. "NYPD intel" likely refers to the NYPD's Intelligence Bureau. Its mission is to "detect and disrupt criminal and terrorist activity through the use of intelligence-led policing. In combination with traditional policing methods, uniformed officers and civilian analysts in the Intelligence Bureau collect and analyze information from a variety of sources in order to advance criminal and terrorist investigations," according to the NYPD's website.

The Justice Department announced Tuesday morning it seized more than $3.6 billion in allegedly stolen cryptocurrency linked to the 2016 hack of Bitfinex. As part of the operation, authorities detained a New York couple on allegations they planned to launder the digital goods. From a report: It marks the agency's largest financial seizure ever, Deputy Attorney General Lisa Monaco said in a statement. Officials said they arrested Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31 and who also goes by the alias "razzlekhan". The couple is scheduled to make their initial appearances in federal court later in the day. Authorities accuse the pair of trying to launder the proceeds of 119,754 bitcoin that were stolen from Bitfinex's platform after a hacker breached Bitfinex's systems and initiated more than 2,000 unauthorized transactions. Prosecutors allege that the transactions sent the stolen bitcoin to Lichtenstein's digital wallet. Officials said they were able to seize more than 94,000 bitcoin, which was valued around $3.6 billion at the time of seizure. In all, the total stolen bitcoin is presently valued at approximately $4.5 billion, according to the agency. A 2019 rap video by Morgan.

Israel will investigate allegations that police illicitly used homegrown spyware that's gained notoriety abroad against its own citizens. From a report: The government will form a committee to look into a series of reports by Calcalist, a Hebrew business daily, that law enforcement officials used NSO Group's Pegasus software without a court order to tap into the phones of citizens both prominent and obscure, including a key prosecution witness in former Prime Minister Benjamin Netanyahu's corruption trial. Others allegedly targeted include an anti-Netanyahu protester, the former Israeli leader's son, high-ranking officials, and the heads of some of the country's biggest companies. Israeli officials, including the minister in charge of police, initially denied any impropriety. But the police later backtracked, citing "additional findings," and on Monday, Public Security Minister Omer Bar-Lev ordered the investigation. "The reports about Pegasus, if they are true, are very serious," Prime Minister Naftali Bennett said in a statement on Monday. "This tool (Pegasus) and similar tools, are important tools in the fight against terrorism and severe crime, but they were not intended to be used in phishing campaigns targeting the Israeli public or officials -- which is why we need to understand exactly what happened."

Last month streamers in China discovered that Fight Club had arrived on streaming platform Tencent — but with an entirely new ending where local authorities "rapidly figured out the whole plan and arrested all criminals....."

But now there's been another round of changes, according to the Hollywood Reporter. "After widespread online backlash to clumsy censorship of the film's ending, Chinese streaming service Tencent Video backtracked in recent days and restored most of the cuts it had made." Crucially, Fight Club's complete ending is now viewable in full in China...

News of the cuts went viral around the world and sparked much debate and embarrassment on Chinese social media about local censorship practices.... [I]t would appear that the backlash has been deemed more troublesome than the fictional film's ending, as Tencent has now restored 11 of the 12 minutes it originally cut from the 137-minute movie. The minute still missing is mostly comprised of brief nude sex scenes between Brad Pitt's and Helena Bonham Carter's characters.
Insider reports that changing the original ending provoked comments like these on China's Twitter-like platform Weibo:

- "This has become a Chinese-only joke. Even dogs won't want to watch this."

- "This is exactly why, even if you have streaming platform subscriptions, you still have to watch pirated versions."


And it brought massive attention to China's history of changing movies, notes the Wrap since "word quickly spread across the globe, bringing embarrassment to the country," reports the Wrap: Censorship of American films and TV shows at the behest of Chinese officials has become common as Hollywood has made in-roads in the country over the past decade. Last year, an episode of "The Simpsons" in which the titular family visits China was removed from Disney+ in Hong Kong over a joke made in the film about the Tiananmen Square protests in 1989 and the Chinese government's censorship of the event.
Even the South China Morning Post reported that Chuck Palahniuk, the author of the novel that inspired the film, "appeared to mock the move on Twitter. 'Everyone gets a happy ending in China!' he wrote..." Similar changes have been made to other films in China in the past. Nicolas Cage's 2005 crime film Lord of War had its final half-hour cut and replaced with text reading, "Yuri Orlov confessed all the crimes officially charged against him in court and was sentenced to life imprisonment in the end."
And another example from the Hollywood Reporter: After 20th Century Fox's Queen biopic Bohemian Rhapsody won multiple Oscars in the 2018, it was granted a theatrical release in China — but only after all mentions of Freddie Mercury's homosexuality were cut from the film.
But in this case a global popular outcry appears to have been too embarrasing to endure. According to the Hollywood Reporter now we even have an expected ending to the story of how China tried to censor Fight Club.

"Reversals of censorship actions are extremely rare within China's entertainment industry — but cuts to Hollywood movies are not."

North Korea funded its missile programs with millions of dollars in stolen cryptocurrency, reports the BBC, citing a new UN report: Between 2020 and mid-2021 cyber-attackers stole more than $50m (£37m) of digital assets, investigators found. Such attacks are an "important revenue source" for Pyongyang's nuclear and ballistic missile programme, they said. The findings were reportedly handed to the UN's sanctions committee on Friday.

The cyber-attacks targeted at least three cryptocurrency exchanges in North America, Europe and Asia.

The report also referenced a study published last month by the security firm Chainalysis that suggested North Korean cyberattacks could have netted as much as $400m worth of digital assets last year. And in 2019, the UN reported that North Korea had accumulated an estimated $2bn for its weapons of mass destruction programmes by using sophisticated cyber-attacks....

The US said on Friday that North Korea — formally known as the Democratic People's Republic of Korea (DPRK) — carried out nine missile tests last month alone.

The NFT marketplace is rife with people buying their own NFTs in order to drive up prices, according to a report released this week by blockchain data firm Chainalysis. Engadget reports: Known as "wash trading," the act of buying and selling a security in order to fool the market was once commonplace on Wall Street, and has been illegal for nearly a century. But the vast, unregulated NFT marketplace has shown to be a golden opportunity for scammers. The report tracked instances of the same traders selling the same NFTs back and forth at least 25 times, a likely incident of wash trading. It identified a group of 110 alleged NFT wash traders who have made roughly $8.9 million in profit from this practice. Researchers also discovered significant evidence of money laundering in the NFT marketplace in the last half of 2021. The value sent to NFT marketplaces by addresses associated with scams spiked significantly in the third quarter of 2021, worth more than $1 million worth of cryptocurrency, according to the report. Roughly $1.4 million dollars of sales in the fourth quarter of 2021 came from such illicit addresses. "NFT wash trading exists in a murky legal area. While wash trading is prohibited in conventional securities and futures, wash trading involving NFTs has yet to be the subject of an enforcement action," wrote the authors of the report.

Big tech companies whose online platforms carry advertisements for scams should be made to reimburse victims, British lawmakers said, as part of wider efforts to combat a growing epidemic of online fraud in Britain. From a report: While banks have signed up for a voluntary code to reimburse fraud victims who do enough to protect themselves, there is not sufficient regulation governing social media and other websites where victims are often first lured in, Mel Stride, chairman of the cross-party Treasury committee, told Reuters. "The government should look at some kind of arrangement that makes the polluter pay," he said. "Online platforms are hosting this stuff, not really putting enough effort into weeding it out, and indeed financially benefiting because they're getting the advertising revenues," Stride said. TechUK, a trade body that represents major tech companies in Britain, including Facebook, Twitter and Microsoft, declined to provide an immediate comment. Stride's comments came as the Treasury committee on Wednesday published the findings of a report on economic crime, which urged the government to seriously consider forcing online platforms to help to refund victims.