Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label data compliance. Show all posts
Stablecoins
Bitcoins Blockchain Integration crypto transactions cryptocurrency Cyber Crime data compliance Financial Regulators Money Laundering river Stablecoins

Stablecoins Replace Bitcoin as the Primary Cryptocurrency in Illicit Transactions, Industry Data Shows

 




For years, Bitcoin was widely associated with cryptocurrency-related crime. New industry data suggests that picture has changed astronomically, with stablecoins now accounting for the vast majority of identified illicit cryptocurrency activity.

The change of terms was accentuated by Bitcoin-focused financial services company River, which cited blockchain intelligence findings showing that Bitcoin's role in unlawful crypto transactions has declined sharply over the past several years. According to data attributed to Chainalysis, Bitcoin represented roughly 70% of illicit cryptocurrency transaction volume in 2020. By 2025, that figure had fallen to approximately 7%, while stablecoins had grown to account for around 84% of identified illicit transaction volume.

The numbers point to a drastic transformation in how cybercriminals, fraud operators, sanctioned entities, and money-laundering networks move digital funds across borders.


Why Stablecoins Are Becoming More Attractive to Criminal Networks

Unlike Bitcoin and many other cryptocurrencies, stablecoins are designed to maintain a relatively fixed value, typically by being linked to a traditional currency such as the U.S. dollar.

This stability removes one of the major risks associated with cryptocurrency transactions. A criminal group holding $1 million in Bitcoin today could see the value fluctuate significantly within days. Stablecoins largely eliminate that uncertainty, allowing illicit actors to move, store, and transfer funds without being exposed to major price swings.

Researchers say this makes stablecoins particularly useful in fraud schemes, investment scams, money-laundering operations, and cross-border transfers where predictable value is important.

The spike in acceptance of stablecoins across exchanges, payment services, and over-the-counter trading networks has also contributed to their increased use. Many stablecoins can be transferred globally within minutes while maintaining a value closely tied to fiat currency, making them practical for both legitimate and illegitimate financial activity.


Bitcoin Still Appears in Certain Criminal Operations

Despite its declining share, Bitcoin has not disappeared from the cybercrime infrastructure. It is still part of the overall pipeline in digital currency exchange. 

Blockchain investigators continue to observe Bitcoin being used in ransomware attacks, darknet marketplaces, and extortion schemes. In these environments, long-established infrastructure, existing payment workflows, and familiarity among threat actors continue to support Bitcoin's use.

However, analysts note that criminal organizations are increasingly treating Bitcoin as only one option within a much larger digital financial ecosystem rather than the default cryptocurrency for illicit transactions.


Illicit Crypto Activity Continues to Soar

The change in asset preference comes as blockchain intelligence firms report increases in the overall value of illicit cryptocurrency activity.

TRM Labs recently estimated that illicit cryptocurrency flows reached approximately $158 billion in 2025, representing the highest level recorded by the company. The firm reported a sharp increase from the previous year, attributing much of the growth to sanctions-related activity, sophisticated money-laundering operations, underground financial networks, and expanded use of cryptocurrency by state-linked actors.

A large portion of these transactions involved stablecoins in the grand scheme of carrying out cyber criminal activities. 

Researchers also observed that sanctions-evasion networks increasingly rely on stablecoins because of their liquidity, accessibility, and ability to move large sums through multiple jurisdictions with relative speed.


Compliance and Regulatory Pressure Expected to become more stringent

The developing concentration of illicit activity within stablecoin ecosystems is likely to intensify scrutiny from regulators and law-enforcement agencies.

Unlike decentralized cryptocurrencies, many major stablecoins are issued by identifiable companies that maintain reserve assets and have the technical ability to freeze certain wallets when required by legal authorities.

As a result, policymakers are increasingly examining how stablecoin issuers monitor suspicious transactions, respond to sanctions violations, and cooperate with criminal investigations.

Several stablecoin providers have already expanded collaboration with law enforcement agencies. Tether, the issuer of USDT, has publicly reported freezing wallets connected to suspected criminal activity, while blockchain analytics companies continue to develop tracking tools designed to identify suspicious transaction patterns across networks.


Criminal Use Remains a Small Portion of Overall Activity

Although illicit cryptocurrency volumes have risen in absolute terms, researchers caution against interpreting the data as evidence that most cryptocurrency activity is criminal.

Industry reports consistently show that unlawful transactions represent only a small fraction of total blockchain activity. Stablecoins process trillions of dollars in annual transaction volume, meaning the overwhelming majority of transactions are associated with legitimate uses such as payments, trading, remittances, and settlement activities.

Nevertheless, the latest findings draw a clearer picture into how criminal groups adapt quickly to changing financial technologies. While Bitcoin once dominated illicit cryptocurrency transactions, blockchain intelligence data now suggests that stablecoins have become the preferred vehicle for many forms of crypto-enabled financial crime due to their price stability, global accessibility, and ease of transfer.

The trend is expected to remain a driving focus for regulators, compliance teams, cryptocurrency exchanges, and law-enforcement agencies as governments continue developing rules for the rapidly expanding stablecoin sector.


Read more »
xAI
Artificial Intelligence data compliance Data Regulation Digital Harrasment GDPR Grok Netherlands Technology xAI

Dutch Court Issues Order Against X and Grok Over Sexual Abuse Content

 



A court in the Netherlands has taken strict action against the platform X and its artificial intelligence system Grok, directing both to stop enabling the creation of sexually explicit images generated without consent, as well as any material involving minors. The ruling carries a financial penalty of €100,000 per day for each entity if they fail to follow the court’s instructions.

This decision, delivered by the Amsterdam District Court, marks a pivotal legal development. It is the first time in Europe that a judge has formally imposed restrictions on an AI-powered image generation tool over the production of abusive or non-consensual sexual content.

The legal complaint was filed by Offlimits together with Fonds Slachtofferhulp. Both groups argued that the pace of regulatory enforcement had not kept up with the speed at which harm was being caused. Existing Dutch legislation already makes it illegal to create or share manipulated nude images of individuals without their permission. However, concerns intensified after Grok introduced an image-editing capability toward the end of December 2025, which led to a sharp increase in reported incidents. On February 4, 2026, Offlimits formally contacted xAI and X, demanding that the feature be withdrawn.

In its ruling, the court instructed xAI to immediately halt the production and distribution of sexualized images involving individuals living in the Netherlands unless clear consent has been obtained. It also ordered the company to stop generating or displaying any content that falls under the legal definition of child sexual abuse material. Alongside this, X Corp and X Internet Unlimited Company have been required to suspend Grok’s functionality on the platform for as long as these violations continue.

Legal representatives for Offlimits emphasized that the so-called “undressing” feature cannot remain active anywhere in the world, not just within Dutch borders. The court further instructed xAI to submit written confirmation explaining the steps taken to comply. If this confirmation is not provided, the daily financial penalty will continue to apply.


Doubts Over Safeguards

A central question for the court was whether the companies had actually made it impossible for such content to be created, as they claimed. The judges concluded that this had not been convincingly demonstrated.

During a hearing on March 12, lawyers representing xAI argued that strong safeguards had been implemented starting January 20, 2026. They maintained that Grok no longer allowed the generation of non-consensual intimate imagery or content involving minors.

However, evidence presented by Offlimits challenged that claim. On March 9, the same day the companies denied any remaining risk, it was still possible to produce a sexualized video of a real person using only a single uploaded image. The system did not require any confirmation of consent. The court viewed this as a contradiction that cast doubt on the effectiveness of the safeguards.

The judges also pointed out inconsistency in xAI’s position regarding child sexual abuse material. The company argued both that such content could not be generated and that it was not technically possible to guarantee complete prevention.


Legal Responsibility and Framework

The court determined that creating non-consensual “undressing” images amounts to a violation of the General Data Protection Regulation. It also found that enabling the production of child sexual abuse material constitutes unlawful behavior under Dutch civil law.

Importantly, the court rejected the argument that responsibility should fall solely on users who input prompts. Instead, it concluded that the platform itself, which controls how the system functions, must take responsibility for preventing misuse.

This reasoning aligns with the Russmedia judgment issued by the Court of Justice of the European Union. That earlier ruling established that platforms can be treated as joint controllers of personal data and cannot rely on intermediary protections to avoid obligations under European data protection law. Applying this principle, the Dutch court found that xAI and X’s European entity are responsible for how personal data is processed within Grok’s image generation system.

The court went a step further by highlighting a key distinction. Unlike platforms that merely host user-generated content, Grok actively creates the material itself. Because xAI designed and operates the system, it was identified as the party responsible for preventing unlawful outputs, regardless of who initiates the request.


Jurisdictional Limits

The ruling applies differently across entities. X Corp, which is based in the United States, faces narrower restrictions because it does not directly provide services within the Netherlands. Its obligation is limited to suspending Grok’s functionality in relation to non-consensual imagery.

By contrast, X Internet Unlimited Company, which serves users within the European Union, must comply with both the ban on non-consensual sexualized content and the restrictions related to child abuse material.


Increasing Global Scrutiny

The case follows findings from the Center for Countering Digital Hate, which estimated that Grok generated around 3 million sexualized images within a ten-day period between late December 2025 and early January 2026. Approximately 23,000 of those images appeared to involve minors.

Regulatory pressure is also building internationally. Ireland’s Data Protection Commission has launched an investigation under GDPR rules, while the European Commission has opened proceedings under the Digital Services Act. In the United Kingdom, Ofcom has initiated action under its Online Safety framework. In the United States, legal challenges have also emerged, including lawsuits filed by teenagers in Tennessee and by the city of Baltimore.

At the policy level, the European Parliament has supported efforts to strengthen the AI Act by introducing an explicit ban on tools designed to digitally remove clothing from images.


A Turning Point for AI Accountability

Authorities are revising how they approach artificial intelligence systems. Earlier debates often treated platforms as passive intermediaries. However, systems like Grok actively generate content, which changes the question of responsibility.

The decision makes it clear that companies developing such technologies are expected to take active steps to prevent harm. Claims about technical limitations are unlikely to be accepted if evidence shows that misuse remains possible.

X and xAI have been given ten working days to provide written confirmation explaining how they have complied with the court’s order.

Read more »
Sensitive data
AI Chatbots Artificial Intelligence Corporate data Cyber Security data compliance Google OpenAI Sensitive data

Why Long-Term AI Conversations Are Quietly Becoming a Major Corporate Security Weakness

 



Many organisations are starting to recognise a security problem that has been forming silently in the background. Conversations employees hold with public AI chatbots can accumulate into a long-term record of sensitive information, behavioural patterns, and internal decision-making. As reliance on AI tools increases, these stored interactions may become a serious vulnerability that companies have not fully accounted for.

The concern resurfaced after a viral trend in late 2024 in which social media users asked AI models to highlight things they “might not know” about themselves. Most treated it as a novelty, but the trend revealed a larger issue. Major AI providers routinely retain prompts, responses, and related metadata unless users disable retention or use enterprise controls. Over extended periods, these stored exchanges can unintentionally reveal how employees think, communicate, and handle confidential tasks.

This risk becomes more severe when considering the rise of unapproved AI use at work. Recent business research shows that while the majority of employees rely on consumer AI tools to automate or speed up tasks, only a fraction of companies officially track or authorise such usage. This gap means workers frequently insert sensitive data into external platforms without proper safeguards, enlarging the exposure surface beyond what internal security teams can monitor.

Vendor assurances do not fully eliminate the risk. Although companies like OpenAI, Google, and others emphasize encryption and temporary chat options, their systems still operate within legal and regulatory environments. One widely discussed court order in 2025 required the preservation of AI chat logs, including previously deleted exchanges. Even though the order was later withdrawn and the company resumed standard deletion timelines, the case reminded businesses that stored conversations can resurface unexpectedly.

Technical weaknesses also contribute to the threat. Security researchers have uncovered misconfigured databases operated by AI firms that contained user conversations, internal keys, and operational details. Other investigations have demonstrated that prompt-based manipulation in certain workplace AI features can cause private channel messages to leak. These findings show that vulnerabilities do not always come from user mistakes; sometimes the supporting AI infrastructure itself becomes an entry point.

Criminals have already shown how AI-generated impersonation can be exploited. A notable example involved attackers using synthetic voice technology to imitate an executive, tricking an employee into transferring funds. As AI models absorb years of prompt history, attackers could use stylistic and behavioural patterns to impersonate employees, tailor phishing messages, or replicate internal documents.

Despite these risks, many companies still lack comprehensive AI governance. Studies reveal that employees continue to insert confidential data into AI systems, sometimes knowingly, because it speeds up their work. Compliance requirements such as GDPR’s strict data minimisation rules make this behaviour even more dangerous, given the penalties for mishandling personal information.

Experts advise organisations to adopt structured controls. This includes building an inventory of approved AI tools, monitoring for unsanctioned usage, conducting risk assessments, and providing regular training so staff understand what should never be shared with external systems. Some analysts also suggest that instead of banning shadow AI outright, companies should guide employees toward secure, enterprise-level AI platforms.

If companies fail to act, each casual AI conversation can slowly accumulate into a dataset capable of exposing confidential operations. While AI brings clear productivity benefits, unmanaged use may convert everyday workplace conversations into one of the most overlooked security liabilities of the decade.

Read more »
Subscribe to: Posts (Atom)