Secret Bitcoin ransom, Interpol arrests, and spy VPNs: cybersecurity digest
This week, several landmark events occurred in the world of cybersecurity and cryptocurrencies that deserve close attention. From prison intrigues to global police operations, here are the key news stories.
Inmate Outsmarts the System: Withdrew $290,000 in Crypto
Bulgarian citizen Rossen Iossifov, serving a 111-month sentence for online auction fraud and laundering $5 million through the RG Coins exchange, managed to orchestrate the withdrawal of $290,000 in cryptocurrency that had previously been confiscated by the state. The incident occurred in January 2024 when Iossifov, while behind bars, conspired to move the digital assets. To cover his tracks, he routed the transactions through several exchanges and mixers. He now faces up to 25 years in prison on new charges.
Interpol Strikes a Devastating Blow: $293 Million and 5,800 Arrests
Interpol's global Operation First Light 2026, involving 97 countries, led to the arrest of 5,811 suspects and the seizure of assets worth $293 million. Law enforcement actively used the I-GRIP mechanism to quickly freeze both bank transfers and cryptocurrency transactions. As a result of the operation, over 31,000 bank accounts and crypto wallets were blocked, and more than 23,700 criminal cases were opened. In Thailand, for example, a crypto wallet was uncovered through which over $122.5 million from "romance scams" had passed in just 10 months.
Free VPNs: Protection or Espionage?
Researchers from the University of Michigan and other institutions analyzed over 280 free VPN applications from Google Play. The results are shocking: many of them not only fail to protect users but also engage in data collection themselves. Over 80% of the apps connected to advertising servers, transmitting unique device identifiers and metadata. 29 apps allowed DNS query leaks, and 169 did not mask traffic. Experts warn that security badges on Google Play are merely a marketing gimmick, not a guarantee of reliability.
US Authorities Secretly Paid a Ransom in Bitcoin
On June 13, 2025, the administration of Union County, Ohio, paid a ransom of 9.44 BTC (~$1 million) to hackers from the Kairos group. This is the first time a US government entity has agreed to such terms. The hackers did not encrypt the infrastructure but simply threatened to publish 2 TB of confidential data, including social security numbers and fingerprints. After lengthy negotiations, the amount was reduced from $3 million to $1 million. Experts note a global shift in cybercriminal tactics: hackers are increasingly turning to pure extortion, abandoning complex encryption software.
Expert Opinion
The trend toward extortion without encryption is an alarming signal for the market. It lowers the barrier to entry for cybercriminals and makes attacks more covert. Authorities and businesses will have to rethink their defense strategies, focusing on preventing leaks rather than recovering from them.