The Royal Bahamas Police Force arrested FTX founder Sam Bankman-Fried, a press statement said. CoinDesk reports: The arrest came after the U.S. filed criminal charges against Bankman-Fried, the statement said, and the nation expects the U.S. to request The Bahamas extradite Bankman-Fried in short order. "As a result of the notification received and the material provided therewith, it was deemed appropriate for the Attorney General to seek SBF's arrest and hold him in custody pursuant to our nation's Extradition Act," the statement, attributed to Attorney General Ryan Pinder, said. "At such time as a formal request for extradition is made, The Bahamas intends to process it promptly, pursuant to Bahamian law and its treaty obligations with the United States."

A tweet from the U.S. Attorney's Office for the Southern District of New York confirmed that prosecutors in the U.S. indicted Bankman-Fried, though the indictment remains under seal. In the Bahamas' statement, Bahamas Prime Minister Philip Davis said the country would continue pursuing its own investigation into FTX's collapse, alongside the U.S.'s criminal charges. Bankman-Fried was set to testify virtually before the House Financial Services Committee about the exchange's collapse on Tuesday.

Tax authorities from Australia, Canada, France, the UK and the USA have conducted a joint probe into "electronic sales suppression software" -- applications that falsify point of sale data to help merchants avoid paying tax on their true revenue. From a report: A Friday announcement from the Joint Chiefs of Global Tax Enforcement (known as the J5), states that the probe "resulted in the arrest of five individuals in the United Kingdom who allegedly designed and sold electronic sales suppression systems internationally." Those responsible allegedly started to export their wares during the COVID-19 pandemic.

"These dodgy sales suppression tools allow retailers to keep a separate set of books and launder the money in one transaction," explained J5 chief and Australian Taxation Office deputy commissioner John Ford. "They conceal and transfer this income anonymously, sometimes offshore."

U.S. telecom providers, under a new FCC order, will have to take "all necessary steps" to block calls from a shady communication company engaged in a mass robocall scam preying on people seeking student loan forgiveness. From a report: The scammer company, called Urth Access, LLC, would reportedly spam users with calls urging them to forfeit their personal information or pay a fee in order to receive up to around $10,000 in student loan debt relief. Many of the scams reportedly referred to the Biden Administration's student loan forgiveness plan to give the messages a semblance of credibility. Though numerous fraudsters took part in the scam, an investigation conducted by the FCC and its private partner YouMail said Urth Access stood apart as the largest, accounting for around 40% of the robocalls in October.

"Scam robocalls try to pull from the headlines to confuse consumers," FCC Commissioner Jessica Rosenworcel said in a statement. "Trying to take advantage of people who want help paying off their student loans. Today we're cutting these scammers off so they can't use efforts to provide student loan debt relief as cover for fraud." The new order asks telecommunications companies to cease accepting phone calls coming from Urath Access, or report efforts they are making to limit Urath's reach in an effort to shut down the scams.

An anonymous reader quotes a report from MacRumors: Apple yesterday announced that end-to-end encryption is coming to even more sensitive types of iCloud data, including device backups, messages, photos, and more, meeting the longstanding demand of both users and privacy groups who have rallied for the company to take the significant step forward in user privacy. iCloud end-to-end encryption, or what Apple calls "Advanced Data Protection," encrypts users' data stored in iCloud, meaning only a trusted device can decrypt and read the data. iCloud data in accounts with Advanced Data Protection can only be read by a trusted device, not Apple, law enforcement, or government entities.

While privacy groups and apps applaud Apple for the expansion of end-to-end encryption in iCloud, governments have reacted differently. In a statement to The Washington Post, the FBI, the largest intelligence agency in the world, said it's "deeply concerned with the threat end-to-end and user-only-access encryption pose." Speaking generally about end-to-end encryption like Apple's Advanced Data Protection feature, the bureau said that it makes it harder for the agency to do its work and that it requests "lawful access by design": "This hinders our ability to protect the American people from criminal acts ranging from cyber-attacks and violence against children to drug trafficking, organized crime, and terrorism," the bureau said in an emailed statement. "In this age of cybersecurity and demands for 'security by design,' the FBI and law enforcement partners need 'lawful access by design.'"

Former FBI official Sasha O'Connell also weighed in, telling The New York Times "it's great to see companies prioritizing security, but we have to keep in mind that there are trade-offs, and one that is often not considered is the impact it has on decreasing law enforcement access to digital evidence."

An anonymous reader quotes a report from CNBC: Former Theranos chief operating officer and president Ramesh "Sunny" Balwani was sentenced to nearly 13 years in prison Wednesday for fraud, after the unraveling of the blood-testing juggernaut prompted criminal charges in California federal court against both Balwani and Theranos founder Elizabeth Holmes, who on Nov. 18 was sentenced to more than 11 years in prison.

During the sentencing hearing, attorneys for Balwani attempted to pin the blame on Holmes, telling U.S. District Court Judge Edward J. Davila that "decisions were made by Elizabeth Holmes." Davila had set a sentencing range of 11 years plus 3 months to 14 years, but prosecutors today sought a 15-year sentence given his "significant" oversight role at Theranos' lab business. The final guideline sentence was 155 months, plus three years of probation. Davila set a Mar. 15, 2023, surrender date. [...] Balwani's sentencing in federal court marks the end of the Theranos saga, which enthralled the public and prompted documentary films and novel treatments.

Nobody is immune to being scammed online -- not even the people running the scams. From a report: Cybercriminals using hacking forums to buy software exploits and stolen login details keep falling for cons and are getting ripped off thousands of dollars at a time, a new analysis has revealed. And what's more, when the criminals complain that they are being scammed, they're also leaving a trail of breadcrumbs of their own personal information that could reveal their real-world identities to police and investigators. Hackers and cybercriminals often gather on specific forums and marketplaces to do business with each other. They can advertise upcoming work they need help with, sell databases of people's stolen passwords and credit card information, or tout new security vulnerabilities that can be used to break into people's devices or systems. However, these deals often don't go to plan.

The new research, published today by cybersecurity firm Sophos, examines these failed transactions and the complaints people have made about them. "Scammers scamming scammers on criminal forums and marketplaces is much bigger than we originally thought it was," says Matt Wixey, a researcher with Sophos X-Ops who studied the marketplaces. Wixey examined three of the most prominent cybercrime forums: the Russian-language forums Exploit and XSS, plus the English-language BreachForums, which replaced RaidForums when it was seized by US law enforcement in April. While the sites operate in slightly different ways, they all have "arbitration" rooms where people who think they've been scammed or wronged by other criminals can complain. For instance, if someone purchases malware and it doesn't work, they may moan to the site's administrators. The complaints sometimes lead to people getting their money back, but more often act as a warning for other users, Wixey says. In the past 12 months -- the period the research covers -- criminals on the forums have lost more than $2.5 million to other scammers, the analysis says. Some people complain about losing as little as $2, while the median scams on each of the sites ranges from $200 to $600, according to the research, which is being presented at the BlackHat Europe security conference.

An anonymous reader quotes a report from KrebsOnSecurity: In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet's largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for tortious interference in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google's legal fees. The lawyer for the defendants, New York-based cybercrime defense attorney Igor Litvak, filed a motion to reconsider (PDF), asking the court to vacate the sanctions against him. He said his goal is to get the case back into court. "The judge was completely wrong to issue sanctions," Litvak told KrebsOnSecurity. "From the beginning of the case, she acted as if she needed to protect Google from something. If the court does not decide to vacate the sanctions, we will have to go to the Second Circuit (Court of Appeals) and get justice there."

Meanwhile, Google said the court's decision will have significant ramifications for online crime, adding that it's observed a 78 percent reduction in the number of hosts infected by Glupteba since its technical and legal attacks on the botnet last year.

"While Glupteba operators have resumed activity on some non-Google platforms and IoT devices, shining a legal spotlight on the group makes it less appealing for other criminal operations to work with them," reads a blog post from Google's General Counsel Halimah DeLaine Prado and vice president of engineering Royal Hansen. "And the steps [Google] took last year to disrupt their operations have already had significant impact."

New submitter CrankyOldGuy writes: Chinese hackers have stolen tens of millions of dollars worth of U.S. COVID relief benefits since 2020, the Secret Service said on Monday. The Secret Service declined to provide any additional details but confirmed a report by NBC News that said the Chinese hacking team that is reportedly responsible is known within the security research community as APT41 or Winnti. APT41 is a prolific cybercriminal group that had conducted a mix of government-backed cyber intrusions and financially motivated data breaches, according to experts.

Several members of the hacking group were indicted in 2019 and 2020 by the U.S. Justice Department for spying on over 100 companies, including software development companies, telecommunications providers, social media firms, and video game developers. "Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China," former Deputy Attorney General Jeffrey Rosen said at the time.

A torrent site user accused of downloading and uploading at least 120TB of movies, TV shows, eBooks, music and software, has avoided an immediate prison term. The 28-year-old was arrested as part of a police operation against DanishBytes. A member of the same site was sentenced earlier this month after he uploaded Netflix content obtained using hacked credentials. TorrentFreak reports: Early November 2021, Denmark's Public Prosecutor for Special Economic and International Crime (SOIK) announced that six people had been arrested following criminal referrals by Rights Alliance. All were members and/or operators of ShareUniversity and DanishBytes. Prosecution of site operators is not uncommon but when it's deemed in the public interest, pirate site users can also face charges. Every case is unique so criteria differ, especially across national borders, but when evidence shows large volumes of infringement, successful prosecutions become more likely. That was the case when a former DanishBytes user was sentenced last week. According to Danish anti-piracy group Rights Alliance, the 28-year-old man was a regular site member and wasn't involved in running the site. That being said, evidence showed that for the period January 2021 to November 2021, he downloaded and/or uploaded no less than 3,000 copyrighted works, including movies, TV shows, music, books, audiobooks and comics.

Information released by the National Unit for Special Crimes (NSK), a Danish police unit focused on cybercrime, organized crime, and related financial crime, reveals that the user's traffic statistics interested prosecutors. "During the period, the man downloaded no less than 100 TB and uploaded no less than 20 TB of copyrighted material," NSK says. BitTorrent trackers operating a ratio model usually insist on a better ratio of downloads to uploads but DanishBytes' situation was out of the ordinary.

The site launched in January 2021 in the wake of other sites being shut down, so had to get going from a standing start with no users. Even when arrests were being made, the site still had a relatively small userbase, which can limit opportunities to upload more. That may have been a blessing in disguise. Faced with the evidence, the man decided to plead guilty and was sentenced last week at the Court in Vibourg. In common with similar prosecutions recently, he received a suspended conditional sentence of 60 days' probation, 80 hours of community service, and confiscation of his computer equipment. The case against the DanishBytes user began with a Rights Alliance investigation and a referral to the police. As part of his sentence, the man must pay the anti-piracy group DKK 5,000 (US$600) in compensation but Rights Alliance director Maria Fredenslund is focused on the deterrent effect of another successful prosecution.

The US government must drop its prosecution of the WikiLeaks co-founder Julian Assange because it is undermining press freedom, according to the media organizations that first helped him publish leaked diplomatic cables. The Guardian reports: Twelve years ago today, the Guardian, the New York Times, Le Monde, Der Spiegel, and El Pais collaborated to release excerpts from 250,000 documents obtained by Assange in the "Cablegate" leak. The material, leaked to WikiLeaks by the then American soldier Chelsea Manning, exposed the inner workings of US diplomacy around the world. The editors and publishers of the media organizations that first published those revelations have come together to publicly oppose plans to charge Assange under a law designed to prosecute first world war spies. "Publishing is not a crime," they said, saying the prosecution is a direct attack on media freedom.

An international police operation has dismantled an online spoofing service that allowed cybercriminals to impersonate trusted corporations to steal more than $120 million from victims. From a report: iSpoof, which now displays a message stating that it has been seized by the FBI and the U.S. Secret Service, offered "spoofing" services that enabled paying users to mask their phone numbers with one belonging to a trusted organization, such as banks and tax offices, to carry out social engineering attacks. "The services of the website allowed those who sign up and pay for the service to anonymously make spoofed calls, send recorded messages, and intercept one-time passwords," Europol said in a statement on Thursday. "The users were able to impersonate an infinite number of entities for financial gain and substantial losses to victims."

London's Metropolitan Police, which began investigating iSpoof in June 2021 along with international law enforcement agencies, in the U.S., the Netherlands, and Ukraine, said it had arrested the website's suspected administrator, named as Teejai Fletcher, 34, charged with fraud and offenses related to organized crime. Fletcher was remanded to custody and will appear at Southwark Crown Court in London on December 6. iSpoof had around 59,000 users, which caused $58.2 million of losses to 200,000 identified victims in the U.K., according to the Met Police. One victim was scammed out of $3.64 million, while the average amount stolen was $12,100.

An anonymous reader quotes a report from TorrentFreak: In May 2022, Italian police claimed that thousands of people had unwittingly subscribed to a pirate IPTV service being monitored by the authorities. When users tried to access illegal streams, a warning message claimed that they had already been tracked. With fines now being received through the mail, police are making some extraordinary claims about how this was made possible. [...] Today's general consensus is that hitting site operators is much more effective but whenever the opportunity appears, undermining user confidence should be part of the strategy. Italian police have been following the same model by shutting down pirate IPTV services (1,2,3) and warning users they're up next.

Letters recently sent to homes in Italy reveal that police were not bluffing. A copy letter obtained by Iilsole24ore identifies the send as the Nucleo Speciale Tutela Privacy e Frodi Tecnologiche, a Guardia di Finanza unit specializing in IT-related crime. It refers to an anti-IPTV police operation in May. The operation targeted around 500 pirate IPTV resources including websites and Telegram channels. At the time, police also reported that 310+ pieces of IPTV infrastructure, including primary and balancing servers distributing illegal streams, were taken offline. Police also claimed that a tracking system made it possible to identify the users of the pirate streams. The letter suggests extraordinary and potentially unprecedented tactics.

The letters state that Italian authorities were able to track the IPTV users by "arranging for the redirection of all Internet service providers' national connections" so that subscribers placed their orders on a police-controlled server configured to record their activity. In comments to Iilsole24ore, Gian Luca Berruti, head of investigations at the Guardia di Finanza, describes the operation as "decisive" in the fight against cybercrime. Currently deployed to Italy's National Cybersecurity Agency, Berruti references "innovative investigative techniques" supported by "new technological tools." Technical details are not being made public, but it's claimed that IPTV users were tracked by "tracing of all connections to pirate sites (IPs) combined, in real-time," and "cross-referencing telematic information with that derived from the payment mechanisms used." The police operation in May was codenamed Operazione:Dottor Pezzotto. A Telegram channel with exactly the same branding suffered a traffic collapse at exactly the same time. "The letters refer to an administrative copyright infringement fine of just 154 euros or 'in case of recidivism' a total of 1,032 euros," notes the report. "However, if people pay their fines within 60 days, the amounts are reduced to 51 euros and 344 euros respectively."

"Around 1,600 people are believed to have been targeted in this first wave of letters but according to Andrea Duillo, CEO of Sky Italia, this is just the start."

An anonymous reader quotes a report from Ars Technica: Last month, the alleged masterminds behind Z-Library -- an e-book pirate site that claims to be "the world's largest library" -- were arrested. According to a press release yesterday from the US Department of Justice, Russian nationals Anton Napolsky and Valeriia Ermakova have been charged with "criminal copyright infringement, wire fraud and money laundering for operating Z-Library." "As alleged, the defendants profited illegally off work they stole, often uploading works within mere hours of publication, and in the process victimized authors, publishers, and booksellers," Breon Peace, the United States attorney for the Eastern District of New York, said in a statement.

At the request of the US government, Napolsky and Ermakova were arrested in Argentina on November 3. On the same day, the US government seized "a complex network of approximately 249 interrelated web domains," the press release said. For many less web-savvy users, the domain seizure essentially shut down access to Z-Library's 11 million e-books, but anyone on the dark web knows it's still up and running -- suggesting that while arresting Napolsky and Ermakova has stifled Z-Library, it has not shuttered it, and it could come back. TorrentFreak reported that it's still unknown if the pair has been involved with Z-Library since the start. Michael J. Driscoll, the assistant director in charge at the New York Federal Bureau of Investigation field office, seems to suspect they have. Although the indictment is only focused on the duo's alleged criminal activity between 2018 and 2022, Driscoll said that they are believed to have "operated a website for over a decade whose central purpose was providing stolen intellectual property, in violation of copyright laws."

"Intellectual property theft crimes deprive their victims of both ingenuity and hard-earned revenue," Driscoll said. "The FBI is determined to ensure those willing to steal and profit from the creativity of others are stopped and made to face the consequences in the criminal justice system." If Napolsky and Ermakova are charged, the indictment said that they will be required to "forfeit any property, real or personal, constituting, or derived from, proceeds obtained directly or indirectly as a result of such offenses." TorrentFreak reported that Argentina has not yet received a request from the US to extradite the accused Z-Library operators, but that will be the next step toward shutting down Z-Library. "Z-Library has linked eager readers to millions of free e-books since 2009, but it wasn't until Z-Library began recently trending on TikTok that authors protesting the piracy decided enough was enough," adds Ars. The TikTok hashtag #zlibrary was viewed 19 million times, which spurred The Authors Guild to complain to the Office of the United States Trade Representative.

"Z-Library is killing us," romance writer Sarina Bowen told officials. "A book we release in the morning is up on Z-Library by lunchtime. This isn't the only site that hurts us, but it's the site that keeps showing up in TikTok videos."

Italy prohibited the use of facial recognition and "smart glasses" on Monday as its Data Protection Agency issued a rebuke to two municipalities experimenting with the technology. Reuters reports: Facial recognition systems using biometric data will not be allowed until a specific law is adopted or at least until the end of next year, the privacy watchdog said. The exception is when such technologies play a role in judicial investigations or the fight against crime. "The moratorium arises from the need to regulate eligibility requirements, conditions and guarantees relating to facial recognition, in compliance with the principle of proportionality," the agency said in a statement.

Under European Union and Italian law, the processing of personal data by public bodies using video devices is generally allowed on public interest grounds and when linked to the activity of public authorities, it added. However, municipalities that want to use them have to strike "urban security pacts" with central government representatives, it added. The agency was reacting to measures taken in the southern Italian city of Lecce, where authorities said they would begin using a technology based on facial recognition. The privacy watchdog also targeted the Tuscan city of Arezzo, where local police were due to be equipped with infrared super glasses that can recognise car number plates.

"Federal prosecutors are asking a judge to sentence Elizabeth Holmes to 15 years in prison," reports the Guardian, "and require the Theranos founder to pay $800m in restitution, according to court documents filed on Friday." A jury found Holmes guilty in January of four counts of investor fraud and conspiracy. Her sentencing is scheduled for 18 November, and she faces a maximum 20 years in prison. Prosecutors argued that "considering the extensiveness of Holmes's fraud", their recommended sentencing would "reflect the seriousness of the offenses, provide for just punishment for the offenses, and deter Holmes and others".

Holmes's lawyer argued in documents filed on Thursday that the ex-Theranos boss should not be sentenced to prison at all and, at most, should receive 18 months of house arrest. The court filings argued that Holmes had been made a "caricature to be mocked and vilified" by the media over the years, though she is a caring mother and friend.

"Ms Holmes is no danger to the public," Holmes's lawyer said in the court documents. "She has no criminal history, has a perfect pretrial services compliance record, and is described by the people who know her repeatedly as a gentle and loving person who tries to do the right thing."

Last week Australia's bigest health insurer, Medibank, said that data on all 4 million of its customers was breached. Now the group behind that breach "have since released more sensitive details of customers' medical records on the dark web, including data on abortions and alcohol issues," reports Australia's public broadcaster.

Their article points out that the release "follows Medibank's refusal to pay a ransom for the data, with almost 500,000 health claims stolen, along with personal information." But what's really interesting is that article's headine:

" 'Hunt down the scumbags': Australian government to 'hack the hackers' behind Medibank breach" The Australian government is going to "hunt down the scumbags" responsible for the Medibank hack that compromised the private information of nearly 10 million customers, cyber security minister Clare O'Neil said.... "Around 100 officers around these two organisations will be a part of this joint standing operation, and many of these officers will be physically co-located from the Australian Signals Directorate," she said. Ms. O'Neil said the officers will "show up to work every day" with the "goal of bringing down these gangs and thugs".

"This is the formalisation of a partnership — a standing body within the Australian government which will day in, day out, hunt down the scumbags who are responsible for these malicious crimes against innocent people," she said. "The smartest and toughest people in our country are going to hack the hackers...."

Australian Federal Police Commissioner Reece Kershaw on Friday said officers were also working with Interpol to track down the criminals. "We know who you are," he said. "The AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system."
One Australian think tank told the Associated Press that the breach was caused by a stolen username and password, sold on a Russian dark web forum. "In a tweet, Australian Prime Minister Anthony Albanese, whose own Medibank data was stolen, said the Australian Federal Police knows where the hackers are and are working to bring them to justice," reports TechCrunch: The cybercriminals claimed that they initially sought $10 million in ransom from Medibank before reducing the sum to $9.7 million, or $1 per affected customer, the blog said. "Unfortunately, we expect the criminal to continue to release stolen customer data each day," Medibank CEO David Koczkar said on Friday. "These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care."
Thanks to long-time Slashdot reader schwit1 for sharing the story.

More than $380 million in crypto left bankrupt crypto company FTX's wallets late Friday, with little clear explanation as to why. CoinDesk: According to on-chain data, various Ethereum tokens, as well as Solana and Binance Smart Chain tokens have exited FTX's official wallets and moved to decentralized exchanges like 1inch. Both FTX and FTX US appear to be affected. FTX US general counsel Ryne Miller tweeted that he was "investigating abnormalities with wallet movements related to consolidation of ftx balances across exchanges."

The transfers, which have not been addressed officially by FTX leadership, come on the same day that the firm officially filed for Chapter 11 bankruptcy protection after apparently losing billions of dollars in user funds. Many FTX wallet holders are also reporting that they are seeing $0 balances in their FTX.com and FTX US wallets. There are indications that FTX may have been hacked.

At least $1 billion of customer funds have vanished from collapsed crypto exchange FTX, Reuters reported separately. From the report: The exchange's founder Sam Bankman-Fried secretly transferred $10 billion of customer funds from FTX to Bankman-Fried's trading company Alameda Research, the people told Reuters. A large portion of that total has since disappeared, they said. One source put the missing amount at about $1.7 billion. The other said the gap was between $1 billion and $2 billion.

An anonymous reader quotes a report from Motherboard: The Queensland, Australia police have used DNA phenotyping for the first time ever in hopes of leading to a breakthrough for a 1982 murder. The department partnered with a U.S.-based company called Parabon NanoLabs to create a profile image of the murder suspect, a Caucasian man with long blonde hair. Police claim that this image was generated using blood samples found at the scene of the murder of a man from 40 years ago; according to the Australian Broadcasting Corporation this is the first time "investigative genetic genealogy" has been used in Queensland.

This image does not factor in any environmental characteristics, such as tattoos, facial hair, and scars, and cannot determine the age or body mass of the suspect. However, Queensland investigators have published the image online and are offering a $500,000 reward and indemnity from prosecution to anyone who might have information about the suspect. The image is a vague rendering of a man that does not provide any more information than the sketch that the department already has of the suspect. This further perpetuates the hyper-surveillance of any man who resembles the image. Parabon NanoLabs has already been criticized by criminal justice and privacy experts for disseminating images that implicate too broad a pool of suspects.

The Queensland police department said that the DNA sample from the case generated a genealogy tree of "15,000 'linked' individuals" and they have not been able to find a close match yet. Instead of facing the possibility that DNA phenotyping may not be an effective tool for narrowing down a suspect, the police department's strategy is to ask the public for their DNA samples. Criminologist Xanthe Mallett said in a press release that to help police find a match, people can "opt-in" to share their own DNA samples with investigators through DNA services such as Family Tree and GEDMatch. "Many members of the public that see this generated image will be unaware that it's a digital approximation, that age, weight, hairstyle, and face shape may be very different, and that accuracy of skin/hair/eye color is approximate," said Callie Schroeder, the Global Privacy Counsel at the Electronic Privacy Information Center.

An anonymous reader quotes an excerpt from an Ars Technica article: In the United States, the lack of regulatory clarity threatens to slow down not just mainstream adoption of new technologies but also innovation in digital payment options, potentially cutting off consumers and businesses nationwide from sought-after conveniences, simply because regulators can't keep up with how digital assets are being used today. "There has to be some clarity that comes out, some standards, some ideas of the dos and the don'ts and some structure around it," said May Zabaneh, PayPal's vice president of product in blockchain, crypto, and digital currencies during a Money 20/20 session focused on how people use crypto to make digital payments. "Otherwise, that mainstream adoption will really be inhibited." According to Zabaneh, digital payment processors need government agencies to ensure much more stability before the companies can confidently "explore the potential" of using digital assets like stablecoins or central bank digital currencies to provide alternative payment options in e-commerce. She said that even though PayPal has a responsibility to continue innovating in digital payments, efforts can become stalled because "there needs to be more clarity around regulation," particularly regulations around consumer protection and the tax implications of using digital assets. These are areas US agencies have only just begun considering, and that's holding innovation back. "In order for things to become mainstream, they have to be easily accessible, easily adoptable," she said.

Zabaneh was not alone in calling for regulatory clarity to drive innovation. Executives from other payment processors like Checkout.com, cryptocurrency exchange platforms like Coinbase, and banks like JPMorgan Chase all repeated the same call in their sessions, warning that US fears over digital assets involved in financial crimes created hard-to-navigate compliance risks for those most invested in driving innovation. The executives said the US is moving so slowly in passing laws and establishing rules that industry leaders will start to conduct business elsewhere. Experts at Money 20/20 said this is already happening. The US wants to be on the leading edge of digital currencies, but tension remains between what President Joe Biden wrote in an executive order this year concerning the country's economic "interest in responsible financial innovation" and the wide-ranging security risks, including those to consumers and businesses, as well as to national security. To keep fintech leaders doing business in the US and participating in what's become a trillion-dollar market, Tufts University cybercrime expert Josephine Wolff told Ars she thinks the country must first prove it can prevent illegal activity and other security risks associated with digital assets. [...]

The US government has struggled to keep up with the way digital assets are used but seems determined to crack down on illegal uses while simultaneously pushing aggressively forward with government-backed digital assets, like a central bank digital currency. Wolff said that because many in the government don't know how digital currencies are used, both legally and illegally, legislators are unsure how to regulate new digital assets. Meanwhile, digital payment technologies continue to evolve. New uses emerge, and policymakers are continuing to look at the US's existing financial regulatory framework while asking basic questions. Is this digital asset considered a form of currency like a security (such as bitcoins), or is it being traded like a commodity (such as non-fungible tokens)? Or is some new legislation, such as the Stablecoin Transparency Act, needed to regulate emerging digital assets? Until mainstream adoption of technologies makes evident the most common uses of digital assets, regulators will continue struggling to make clear laws defining how digital assets can be used. Wolff told Ars it's a difficult policy agenda to navigate because "each of these new digital assets we see creates new opportunities for crime." "The United States is trying to balance two somewhat at-odds priorities: We want this technology to be sufficiently regulated and traceable so that we can conduct law enforcement investigations and hold criminals accountable," Wolff told Ars. "But we also want it to be flexible enough that people can invent new things and experiment with new models and innovate. So I understand why companies are saying, 'Well, look, we could innovate more if you told us exactly what's allowed.'"

"Regulation of the financial services industry has a bad name, and rightfully so," said Consumer Financial Protection Bureau's director, Rohit Chopra, but CFPB was motivated to activate a dormant authority in the Consumer Financial Protection Act to ensure the US benefits from "a more decentralized and neutral consumer financial market structure" that "has the potential to reshape how companies compete in the sphere."

"That could mean the most innovative companies capture the largest parts of the US payments market," reports Ars, citing Wolff. "And as the market favors technologies and consumers adopt trusted digital assets, that could help regulators who still aren't sure how to craft policy for digital assets."

Department of Justice, announcing through a press release: Damian Williams, the United States Attorney for the Southern District of New York, and Tyler Hatcher, the Special Agent in Charge of the Internal Revenue Service, Criminal Investigation, Los Angeles Field Office ("IRS-CI"), announced today that JAMES ZHONG pled guilty to committing wire fraud in September 2012 when he unlawfully obtained over 50,000 Bitcoin from the Silk Road dark web internet marketplace. ZHONG pled guilty on Friday, November 4, 2022, before United States District Judge Paul G. Gardephe.

On November 9, 2021, pursuant to a judicially authorized premises search warrant of ZHONG's Gainesville, Georgia, house, law enforcement seized approximately 50,676.17851897 Bitcoin, then valued at over $3.36 billion. This seizure was then the largest cryptocurrency seizure in the history of the U.S. Department of Justice and today remains the Department's second largest financial seizure ever. The Government is seeking to forfeit, collectively: approximately 51,680.32473733 Bitcoin; ZHONG's 80% interest in RE&D Investments, LLC, a Memphis-based company with substantial real estate holdings; $661,900 in cash seized from ZHONG's home; and various metals also seized from ZHONG's home.

U.S. Attorney Damian Williams said: "James Zhong committed wire fraud over a decade ago when he stole approximately 50,000 Bitcoin from Silk Road. For almost ten years, the whereabouts of this massive chunk of missing Bitcoin had ballooned into an over $3.3 billion mystery. Thanks to state-of-the-art cryptocurrency tracing and good old-fashioned police work, law enforcement located and recovered this impressive cache of crime proceeds. This case shows that we won't stop following the money, no matter how expertly hidden, even to a circuit board in the bottom of a popcorn tin."