March 2025 Newsletter
ByBit Breach
The FBI has identified North Korea as being behind the theft of approximately $1.5 billion of virtual assets (ETH) from the ByBit cryptocurrency exchange, making it the largest heist in history.
Investigations have attributed the attack to the Lazarus Group. The attack is believed to have occurred during a routine transfer from Bybit’s offline wallet to its online wallet. The attackers intercepted and manipulated transaction data at this stage, redirecting funds to another source. It is believed that the attackers gained unauthorised access to private keys associated with Bybit’s online wallets. The breach has led to a significant decline in Bybit’s market share.
Apple Remove ADP in the UK
Following requests from the UK Government, (Technical Capability Notice, in relation to the Investigatory Powers Act), Apple has removed the Advanced Data Protection (ADP) tool, which uses end-to-end encryption for iCloud services, from all Apple users in the UK.
This decision significantly weakens the security posture of Apple users in the UK and emphasises the clear challenge between data privacy, cyber security best practices, and enabling the UK Government to have the capability for national and local security.
DeepSeek
In January, the unveiling of the Chinese AI startup DeepSeek saw the release of its chatbot (DeepSeek-R1), which was promoted as being faster, cheaper, and more effective than ChatGPT.
DeepSeek faced a lot of scrutiny, and it didn’t take long before concerns were raised regarding security and privacy issues. However, this was after the tech industry reportedly lost $1 trillion in market value, from the short time DeepSeek was released.
