
Canadian Police Seize $40M in Digital Assets After Closing TradeOgre

 


Canadian police have shut down the cryptocurrency trading platform TradeOgre and seized digital assets valued at more than $40 million USD, marking both the country’s largest cryptocurrency seizure and the first time a crypto exchange has been dismantled by national law enforcement.


A Platform Built on Anonymity

TradeOgre was a small but notable exchange that allowed users to trade niche digital currencies, including Monero, which is popular for its privacy features. The platform stood out for avoiding Know Your Customer (KYC) checks, meaning people could open accounts without providing identification. According to the Royal Canadian Mounted Police (RCMP), TradeOgre also failed to register as a money services business with FINTRAC, Canada’s financial watchdog. These gaps made the exchange appealing to those seeking anonymity but also raised red flags for regulators.

The case began in June 2024, when Canada’s Money Laundering Investigative Team (MLIT) opened a probe after receiving intelligence from Europol. Investigators relied on blockchain tracing tools to track wallet activity linked to the platform. In July 2024, TradeOgre suddenly went offline without any announcement from its operators, fueling rumors among users that it had carried out an “exit scam.” Authorities later confirmed that the takedown was part of their enforcement action.


Why Authorities Took Action

The RCMP said TradeOgre was operating illegally in Canada because it was unregistered and allowed anonymous trading. Investigators suspect the site was used by criminals to launder illicit funds, taking advantage of Monero and other privacy-focused coins. However, officials stressed that not all customer funds were necessarily linked to crime.

In a statement, the RCMP clarified that they could not confirm whether the seized assets came from specific crimes such as extortion. They also noted that details about the exact sources of the money could not be released at this stage.


Fallout and Reactions

The sudden seizure left many users cut off from their funds. Some, including well-known crypto community members like Taylor Monahan of MetaMask, criticized the move, arguing that innocent users had their assets frozen without warning. “Very much looking forward to seeing the evidence… and for you to provide recourse to ALL innocent parties,” Monahan wrote on social media.

The RCMP responded that individuals who believe their funds were legitimate may seek remedies through the Canadian court system if the assets are subject to forfeiture proceedings. The agency added that any inquiries about the seized cryptocurrency should be directed to the MLIT.


A Warning for Crypto Users

Authorities emphasized that this case shows the risks of using unregulated exchanges. While anonymity may appeal to some traders, platforms that avoid oversight expose customers to legal uncertainty, sudden shutdowns, and loss of access to funds.



Canada’s Parliament Probes Data Breach Linked to Microsoft Flaws

 




Canada’s House of Commons has launched an investigation after a cyberattack potentially exposed sensitive staff data, raising questions about whether recently discovered Microsoft vulnerabilities played a role.

According to national media reports, an internal email to parliamentary employees revealed that attackers managed to enter a database containing staff information. The data included names, work emails, job titles, office locations, and details about computers and mobile devices connected to the House of Commons network.

The House of Commons and Canada’s Communications Security Establishment (CSE) are now examining the incident. In a public statement, CSE emphasized that attributing a cyberattack is complex and requires time, resources, and caution before drawing conclusions. In the meantime, staff have been urged to remain alert to suspicious messages or unusual activity.


Possible Link to Microsoft Vulnerabilities

Although officials have not confirmed the exact flaw that was exploited, the mention of a “recent Microsoft vulnerability” has led to speculation. In recent weeks, Canada’s Cyber Centre issued warnings about two critical Microsoft security issues:

  • CVE-2025-53770 (“ToolShell”): A flaw in Microsoft SharePoint servers that has been actively exploited since July. It allows attackers to gain unauthorized access and has been linked to incidents involving government networks and organizations worldwide.
  • CVE-2025-53786: A high-risk bug in Microsoft Exchange that can help attackers move through both cloud and on-premises systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued an emergency order for federal agencies to fix this vulnerability after warning of its potential to cause complete system compromises.


Security researchers, including the monitoring platform Shadowserver, have noted that thousands of systems remain unpatched against these flaws, with hundreds of vulnerable servers still running in Canada.


Global Exploitation of ToolShell

The ToolShell vulnerability in particular has been tied to attacks on multiple high-profile organizations, including U.S. government agencies and European institutions. Reports indicate that both state-sponsored groups and cybercriminal gangs have taken advantage of the flaw in recent months, underlining its severity.


Why Updates Matter

Cybersecurity experts consistently stress the importance of keeping systems updated with the latest patches. Unpatched vulnerabilities provide attackers with open doors into critical infrastructure, government bodies, and private organizations. This latest incident underscores how quickly attackers can move to exploit weaknesses once they are made public.


What Happens Next

For now, the House of Commons and CSE are continuing their investigation, and no final determination has been made about the vulnerability used in the breach. However, the case highlights the ongoing risks posed by unpatched software and the need for constant vigilance by organizations and individuals alike.



Scammers Impersonate Thunder Bay RCMP in New Phone Spoofing Scheme

 



The RCMP's phone number is being used in scams across Thunder Bay. The local Royal Canadian Mounted Police detachment is warning residents of Thunder Bay about a phone scam in which scammers spoof the official RCMP number, 807-623-2791, so that calls appear to come from the police when they do not. The RCMP has issued a public alert to raise awareness and try to prevent potential fraud.

How the Spoofing Scam Works

Spoofing is a technique by which fraudsters mask their real phone numbers through technology, making it seem as though the call is coming from a trusted source. In this case, they are masquerading as the Thunder Bay RCMP in an attempt to intimidate or defraud unsuspecting victims. The fraudsters might use the RCMP's name to give their requests a semblance of legitimacy. These requests usually demand sensitive personal information or money.

The RCMP clears the air on its communication practices

In response to the spoofing cases, the RCMP states that neither it nor any government institution will ever ask for payment in an unusual form such as Bitcoin, gift cards, or cash collections. Police will never visit your home to collect money on the grounds that a family member is behind bars. According to the RCMP, it does not ask for social insurance numbers, birthdays, or phone numbers over the phone.

How to Verify an RCMP Call 

Anyone who doubts whether a call claiming to be from the detachment is genuine should hang up and call back at 807-623-2791 between 8 a.m. and 4 p.m. That will confirm whether the call was genuine or an attempt by a scammer.

Role of RCMP in Ontario

The public should also be aware that the RCMP does not handle local law enforcement in Ontario. It deals with matters of federal law, such as national security, border integrity, organised crime, and financial crimes, including cybercrime and money laundering.

What to Do if You Suspect a Scam

If you believe you are a target, the best action is to hang up. Victims of telephone scams are advised to contact either their local police service or the Canadian Anti-Fraud Centre to report the incident, helping investigators to track and follow up on ongoing schemes.

By knowing how to validate government calls and remaining vigilant, citizens can guard themselves against spoofing scams and other fraudulent schemes.


Ransomware Attackers Target Canada’s Largest School Board

 

The Toronto District School Board (TDSB) has issued a warning following a ransomware attack on its software testing environment and is currently investigating whether any personal data was compromised. 

TDSB is Canada's largest school board and the fourth largest in North America, overseeing and managing 473 elementary, 110 secondary, and five adult education institutions. The board has an annual budget of around $2.5 billion.

An announcement posted on the board's website earlier this week informs parents, guardians, and carers about a ransomware attack that may have exposed personal information.

"TDSB recently became aware that an unauthorized third party gained access to TDSB's technology testing environment, which is a separate environment used by TDSB IT Services to test programs before they are run live on TDSB systems," reads the announcement. 

"We are conducting a thorough investigation to understand the nature of the incident, any impact on our network, and if any personal information may have been affected by the incident," adds TDSB further down in the announcement. 

TDSB claims that all of its systems are operational, with no disruptions, indicating that the attack was contained in the testing environment. The organisation has contacted the Toronto Police Service and the Information and Privacy Commissioner of Ontario, and it is working with third-party cybersecurity specialists to evaluate the extent of the incident. 

TDSB serves roughly 247,000 students and employs 40,000 staff, so this incident could impact a large number of people. The Toronto District School Board agreed to notify affected persons if the ongoing investigation reveals that a data breach happened, but for the time being, it has chosen not to provide too much information.

Individuals who may have been impacted and are looking for answers may contact the organisation at cyberincident@tdsb.on.ca. At the time of writing, none of the major ransomware gangs had claimed responsibility for the attack on TDSB.

Self-Proclaimed “Crypto King” Aiden Pleterski Charged With $30 Million Scam

 

Aiden Pleterski, also known as the "Crypto King," and his partner, Colin Murphy, have been arrested and charged with allegedly defrauding investors of $40 million CAD (about $30 million USD) in a cryptocurrency and foreign exchange investment scam. 

Earlier this week on Wednesday, the Ontario Securities Commission revealed that Aiden Pleterski, 25, known as the "Crypto King," is facing fraud and money laundering charges. The commission also charged his colleague, Colin Murphy (27), with fraud. It stated Pleterski squandered investors' money on a lakeside house and a fleet of expensive cars. Among them was a Lamborghini, the Italian sports car totemic of crypto-based wealth.

The criminal allegations filed against the two Canadians are part of a 16-month investigation dubbed Project Swan. It coincides with a high-profile bankruptcy case involving their alleged investment fraud scheme. 

According to court filings and local media sources, Pleterski and his company, AP Private Equity Limited, received roughly $40 million CAD from 160 investors between 2021 and 2022 to invest in cryptocurrency and foreign exchange markets. Some investors apparently took out loans to fund their investments with Pleterski.

According to the findings of the bankruptcy trustee, Pleterski only invested two percent of the funds that he was given. He spent at least $16 million on personal luxury items in the interim. Among them were international trips to the US and UK; more than 10 luxury cars, including two McLarens, two BMWs, and a Lamborghini; and the rental of a lakefront property worth $8.4 million for $45,000 a month.

Aiden Pleterski, a self-proclaimed "Crypto King" and occasional livestreamer, showed off his lavish lifestyle on social media. He bragged of travels to Los Angeles, London, and Miami, where he drove rental Lamborghinis and McLarens. In one video, Pleterski was seen assembling a Lego Titanic model. During it, he claimed that he had spent $150,000 on Lego since 2021.

Throughout the bankruptcy proceedings, Pleterski portrayed himself as a "20-something-year-old kid". He revealed to creditors that he was messy and did not keep financial records or track payments, CBC reported.

Meanwhile, in December 2022, a group of individuals involved in Pleterski's operation allegedly kidnapped the self-proclaimed Crypto King. According to reports, the group held him captive for three days, torturing and beating him. 

The kidnappers reportedly sought a $3 million ransom for his release. Although Pleterski was later released, a 12-minute video emerged on social media showing him injured. He apologised to his investors in what his lawyer termed a forced apology. Four of the suspected kidnappers have since been apprehended and charged.

Authorities Warn of AI Being Employed by Scammers to Target Canadians

 

As the usage of artificial intelligence (AI) grows, fraudsters employ it more frequently in their methods, and Canadians are taking note. According to the Royal Bank of Canada’s (RBC's) annual Fraud Prevention Month Poll, 75% of respondents are more concerned with fraud than ever before. Nine out of 10 Canadians feel that the use of AI will boost scam attempts over the next year (88%), thereby making everyone more exposed to fraud (89%).

As per the survey, 81 percent of Canadians think that AI will make phone fraud efforts more difficult to identify, and 81 percent are worried about scams that use voice cloning and impersonation techniques. 

"With the recent rise in voice cloning and deepfakes, fraudsters are able to employ a new level of sophistication to phone and online scams," stated Kevin Purkiss, vice president, Fraud Management, RBC. "The good news is that awareness of these types of scams is high, but we also need to take action to safeguard ourselves from fraudsters.”

The study also found that phishing (generic scams via email or text), spear phishing (emails or texts that appear authentic), and vishing (specific phone or voicemail scams) were among the top three types of fraud. More than half also report an increase in deepfake frauds (56%), while 47% claim voice cloning scams are on the rise.

Prevention tips

Set up notifications for your accounts, utilise multi-factor authentication whenever possible, and make the RBC Mobile App your primary banking tool. Keep an eye out for impersonation scams, in which fraudsters pose as credible sources such as the government, bank employees, law enforcement, or even a family member.

Some experts also recommend sharing a personal password with loved ones to ensure that you're conversing with the right individual.

To prevent robo-callers from collecting your identity or voice, limit what you disclose on social media and make your voicemail generic and short. Ignore or delete unwanted emails and texts that request personal information or contain dubious links or money schemes.

Canadian City Says Timescale for Recovering from Ransomware Attack 'Unknown'

 

The Canadian city of Hamilton is still recovering from a ransomware attack that compromised nearly every facet of municipal operations.

Since February 25, when the ransomware attack was first reported, city officials have been working nonstop. Foundational services, such as waste collection, transit, and water and wastewater treatment, are functioning as of Wednesday.

However, the attack has impacted nearly every online payment system, forcing the city to rely on cash transactions and other manual processes. All fines, tickets, and tax payments must be made in person. 

The city reported that numerous municipal services, including cemeteries, child care centres, and public libraries, were having phone system or website issues. No city council meetings will be held before March 15, and the city's libraries will not provide WiFi, public computers, printing services, or other services.

“The City of Hamilton took swift action to investigate, protect systems and minimize impact on the community. We engaged a team of experts, insurers, legal counsel, and relevant authorities and [are] working diligently to restore the City’s system in a safe and secure manner,” the city said in a statement. “While a timeline for recovery is not yet known, the City is committed to resolving the situation as quickly and effectively as possible.” 

Hamilton is located roughly 40 miles from Toronto and has a population of nearly 600,000. The city stated that it is currently investigating whether citizen data was stolen. No ransomware group has claimed responsibility for the attack yet, and local officials have not responded to calls for comment. 

City officials held a press conference on Tuesday, and City Manager Marnie Cluckie stated that it is "impossible to know how long it will take us to get up and running again.” 

Cluckie declined to comment on whether the city is in talks with the ransomware group, stating that they will "do what is best for the city." She confirmed that the city has cyber insurance. 

During the press conference, Cluckie was asked if the recovery would follow the same schedule as the Toronto Library, which dealt with troubles for more than four months after a ransomware attack. Cluckie said the hired cyber specialists would tell her only that each attack and recovery is unique.

Hamilton is the second municipality in Canada to deal with a ransomware attack over the last week. Ponoka, a small town about an hour west of Edmonton, recently dealt with a ransomware attack that caused system failures for the government.

Hamilton City's Network is the Latest Casualty of the Global Cyberwar.

 

The attack that took down a large portion of the City of Hamilton's digital network is only the latest strike in a global cybersecurity conflict, according to one of Canada's leading cybersecurity experts.

City officials have said little about the unprecedented attack on the municipality's network, which affected emergency services operations, the public library website, and the phone lines of council members. Although the specifics of the Sunday incident are not yet known, Charles Finlay, executive director of Rogers Cybersecure Catalyst, believes the attack is part of a larger struggle against a shadowy enterprise that is determined to steal money and data.

“I don't think that the average citizen of Hamilton or any other city, fully understands what's at play here,” Finlay stated. “Our security services certainly are, but I don't think the average citizen is aware of the fact that institutions in Canada, including Hamilton, are at the front lines of what amounts to a global cybersecurity conflict.” 

On Sunday, city hall revealed service delays caused by what it later described as a "cybersecurity incident" that had far-reaching consequences for the city's network and related services. 

The specifics of what took place, however, remain unknown as local officials maintain a cloak of secrecy. So far, the city has refused to divulge the amount of the damage or how affected departments are operating. Emergency services are described as "operational," with some activities now being completed "manually," but officials refuse to disclose specifics.

The city also refuses to reveal whether sensitive data was stolen or is being held ransom.

According to Vanessa Iafolla of Halifax-based Anti-Fraud Intelligence Consulting, a municipality may prefer to delay reporting the extent of the harm in order to preserve an impression of security and control. 

Finlay and Iafolla said they can only speculate about what transpired because city hall hasn't provided any information. However, given the available details and the consequences of other institutions' attacks, a ransomware attack is a realistic possibility. 

A ransomware attack is one in which malicious software is installed on a network, allowing its operators to scan for and grab sensitive data. In the city's case, Iafolla said, that could mean personal information on employees and citizens, such as social insurance numbers and other identifying information.

“It's a safe bet that whatever they took is likely of real financial value,” concluded Iafolla. “It's difficult to speculate exactly what may have been taken, but I would be pretty confident in thinking whatever it is, is going to be a hot commodity.”