Криптобиржи снова под прицелом: отмывание денег и утечка данных угрожают безопасности пользователей Translation: Cryptocurrency Exchanges Under Fire Again: Money Laundering and Data Breaches Threaten User Security

We have compiled the most significant cybersecurity news from the past week.

The International Consortium of Investigative Journalists (ICIJ) published a report titled «The Coin Laundry,» uncovering money laundering schemes utilized by criminal syndicates through major centralized exchanges (CEX).

According to ICIJ, cryptocurrency exchanges continue to facilitate transactions linked to crime despite regulatory oversight. The report specifically mentions the Huione Group, involved in human trafficking and scams in Asia. Journalists assert that at least $408 million flowed from this group to Binance.

OKX, which admitted to violating U.S. laws in February 2025, continued to «receive hundreds of millions of dollars» from the same sources as Binance. The investigation revealed that more than $161 million was transferred after the U.S. Treasury categorized Huione as a «primary money laundering risk.»

In collaboration with 37 media partners from 35 countries, the ICIJ gathered hundreds of crypto addresses connected to North Korean hackers, Russian money laundering schemes, and Chinese drug networks. An analysis of tens of thousands of transactions indicated that criminal groups actively used accounts on Binance, Coinbase, OKX, HTX, KuCoin, and other crypto exchanges.

«The crypto industry has essentially created a parallel shadow financial system in which exchanges continue to profit from dubious transactions, while crime victims are left with little chance of recovering their losses,» the investigation’s authors concluded.

A 45-year-old California resident pleaded guilty to laundering at least $25 million stolen through a fraudulent scheme, stated a report from the U.S. Department of Justice.

According to the agency, Kunal Mehta was part of a group operating from October 2023 to March 2025. Specifically, on August 18, 2024, the perpetrators stole over 4,100 BTC (worth more than $230 million at the time) from a victim in Washington. Most of the funds were converted into Monero, but mistakes made allowed tracing the transactions back to the stolen assets.

The Justice Department reported that in 2024, Mehta established several shell companies to legitimize the stolen funds. He received partially «clean» cryptocurrency, which he then sent to partners who executed more complex schemes. Subsequently, the money returned to accounts of businesses associated with the Californian.

Researchers from SBA Research identified a severe privacy issue in WhatsApp. They managed to collect data from 3.5 billion user accounts due to a lack of restrictions on query frequency, according to Wired.

The data collection was conducted via the web version of the messenger, at a rate of up to 100 million numbers per hour. Consequently, they obtained photos for 57% of profiles and text from the «About» section for 29%.

As reported, researchers informed Meta of the problem in April and deleted the gathered data. However, the company only rectified the issue by October.

Media speculation suggests that prior to this, attackers could have gained similar access. Meta representatives stated in a comment to Wired that no signs of exploitation were found, and only «public data» became accessible.

Statistics by country pointed to a high proportion of profiles with open information:

The report also noted that WhatsApp is banned in China, Myanmar, North Korea, and several other countries. Nevertheless, experts discovered millions of active accounts linked to numbers from these regions.

Some cryptographic keys were repeated hundreds of times, and researchers found a code entirely composed of zeros associated with 20 U.S. numbers. Experts theorized that the cause was the use of unofficial or modified WhatsApp clients, rather than a flaw in the service itself.

Upon detailed examination of accounts with identical keys, it became apparent that many appeared fraudulent. Researchers argued that the primary issue lies in the identification model—phone numbers are not suitable for this role.

According to Meta’s announcement, WhatsApp developers are already testing a username system as a more private alternative.

The Myanmar military has expanded a large-scale operation against crypto scam camps, eliminating a second major hub in the city of Shwe Kokko, as reported by Nikkei Asia.

Media outlets indicated that on October 25, law enforcement targeted KK Park. During the raid, authorities detained 346 foreign nationals and confiscated around 10,000 mobile phones used in fraudulent schemes.

On November 17, Google warned about a serious vulnerability in the popular Chrome browser.

According to experts, the problem lies in the improper processing of a specific type of data in the JavaScript engine V8, which results in memory corruption. An attacker could exploit this vulnerability via a web page to execute malicious code.

The corporation also stated that attackers had already attempted to exploit the vulnerability. Google representatives advised users to check the browser for the latest version as soon as possible.

Issues in Cloudflare’s operations, which led to significant disruptions for clients on November 18, were not the result of a cyberattack, representatives of the service stated.

Initially, specialists from the infrastructure giant reported a «surge in unusual traffic,» which could have been a consequence of a hack. However, Cloudflare’s Chief Technology Officer, Dan Klein, dismissed this theory.

According to an internal investigation, there was an error in service management in the bot mitigation function following a planned configuration change, which propagated to all other systems.

Cloudflare services approximately 19% of all active websites and supports the online resources of 35% of Fortune 500 companies. The aftermath of the incident affected millions of users.