Ex-UK National Crime Agency officer jailed for stealing bitcoin from dark web drug dealer, World News
The NCA was investigating the Silk Road 2.0 site — which allowed users to buy drugs and other illicit goods after the original Silk Road was shut down by the FBI in 2013 — and arrested Liverpool-based Thomas White in 2014.
Intelligence officer Paul Chowles took the details of White's "retirement wallet" and stole 50 bitcoin before sending it to a cryptocurrency "mixing" service called Bitcoin Fog to obscure the source, prosecutors said.
Chowles, 42, appeared in Liverpool Crown Court having pleaded guilty to one count of theft, one count of transferring criminal property, and one count of concealing criminal property.
Prosecutor Craig Hassall said the bitcoin Chowles stole was worth just under 60,000 pounds (S$100,000) at the time of the theft in May 2017 and is now worth over 4 million pounds, though Chowles had realised nearly 145,000 pounds.
Chowles was dismissed by the NCA this month for gross misconduct after his guilty pleas, having been arrested in 2022.
The NCA initially thought White, who was jailed in 2019 for over five years, had managed to access his bitcoin wallet and remove the 50 missing bitcoin, Hassall said.
The remaining 47 bitcoin in White's wallet were sold by the NCA for roughly 500,000 pounds, and the funds paid towards a 1.5 million-pound confiscation order made against White.
But police and the NCA began to investigate after White said he was not responsible for moving the 50 bitcoin, and usernames and passwords linked to White's cryptocurrency accounts were found in Chowles' notebooks when he was arrested.
Judge David Aubrey said bitcoin worth nearly 470,000 pounds was seized from Chowles, telling him: "Had you not been arrested, you would have continued to reap the rewards of your wrongdoing."
[[nid:718198]]
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
CNA
3 hours ago
- CNA
US Justice Department asks Epstein associate Maxwell to speak to prosecutors
WASHINGTON: The Justice Department has asked lawyers for Jeffrey Epstein associate Ghislaine Maxwell if she would be willing to speak with US prosecutors, and Deputy Attorney General Todd Blanche said on Tuesday (Jul 22) he expected to meet with her in the coming days. The decision to request a meeting with Maxwell comes as Attorney General Pam Bondi has faced mounting pressure from President Donald Trump's supporters to release additional materials related to Epstein, who killed himself in a jail cell in 2019 while awaiting trial on sex-trafficking charges. "President Trump has told us to release all credible evidence," Blanche said in a statement posted on X. He added that if Maxwell "has information about anyone who has committed crimes against victims, the FBI and the DOJ will hear what she has to say". Blanche said he has been in touch with Maxwell's attorneys to see if she is willing to speak with prosecutors. "I anticipate meeting with Ms Maxwell in the coming days," he added. 'I can confirm that we are in discussions with the government and that Ghislaine will always testify truthfully. We are grateful to President Trump for his commitment to uncovering the truth in this case. We have no other comment at this time," said David Oscar Markus, a lawyer for Maxwell. Some of Trump's most staunch supporters in recent weeks have called on Bondi to resign, after she back-tracked on a promise she made earlier this year that the department would release additional materials including "a lot of names" and "a lot of flight logs" in connection with Epstein's clients. After releasing only a select number of records that failed to shed new light on the case, the department and the FBI released a joint memo earlier this month that poured cold water on long-running conspiracy theories about Epstein by saying there was "no incriminating client list" or any evidence of blackmail. Since then, at Trump's direction, Bondi and Blanche have asked a federal court for permission to unseal grand jury transcripts in the cases of both Epstein and Maxwell, who was convicted in 2021 of five federal charges related to her role in Epstein's alleged sexual abuse of underage girls. However, legal experts including one of Epstein's former attorneys, Alan Dershowitz, have said that those transcripts will not likely contain the types of materials being sought by Trump's supporters. A judge could also deny the request.
Straits Times
5 hours ago
- Straits Times
Iranians targeted with spyware in lead-up to war with Israel: Research
Find out what's new on ST website and app. According to new research, more than a dozen Iranians' mobile phones were targeted with spyware in the months prior to the country's war with Israel. TEXAS – More than a dozen Iranians' mobile phones were targeted with spyware in the months prior to the country's war with Israel, according to new research. Miaan Group, a digital human rights organisation based in Austin, Texas, found a number of Iranians who received threat notifications from Apple Inc. in the first half of 2025, and researchers believe they only identified a fraction of the total targets. Another round of Iranian spyware targets was discovered by Mr Hamid Kashfi , a Sweden-based cybersecurity researcher and founder of the firm DarkCell. The attacks mark the first known example of such highly advanced cyber-espionage tools being used both inside Iran and against Iranians living abroad. It's not clear who was behind the attacks. Miaan Group said the victims included two Iranian dissidents inside the country and a technology worker who is an Iranian citizen living in Europe, who were targeted with spyware on their iPhones. They were first notified of the incident via text message by Apple, which typically sends a threat notification message to victims when a hack is detected. Mr Kashfi said he found 12 victims, all inside Iran and working either in the country's technology sector or for the government. Both Mr Kashfi and the Miaan Group declined to name the victims in order to protect their safety. Top stories Swipe. Select. Stay informed. Singapore Singaporeans aged 21 to 59 can claim $600 SG60 vouchers from July 22 Singapore Singaporeans continue to hold world's most powerful passport in latest ranking Singapore Woman evacuated from lift in Supreme Court building after falling glass triggers emergency halt Asia Malaysian aide's unresolved 2009 death tests govt's reform pledge despite DAP chief's apology Singapore Prosecution says judge who acquitted duo of bribing ex-LTA official had copied defence arguments Singapore Singapore not affected by haze despite smoke plumes in Sumatra: NEA Singapore Miscalculation of MOH subsidies and grants led to $7m in overpayments, $2m in shortfalls Singapore Ports and planes: The 2 Singapore firms helping to keep the world moving The threat notifications, which were seen by Bloomberg, describe the attacks as 'exceptionally rare' and costing 'millions of dollars'. The Apple notification, which is careful to note that the company doesn't attribute the attacks, compared the sophistication and cost of the recent attacks to Pegasus spyware from NSO Group. 'The extreme cost, sophistication and worldwide nature makes mercenary spyware attacks some of the most advanced digital threads in existence today,' Apple told the Iranian targets. 'This attack is likely targeting you specifically because of who you are or what you do.' Apple didn't respond to a Bloomberg request for comment. The notification added that 'Apple has high confidence in this warning.' Mr Kashfi said his investigation concluded that 'zero-day zero-click' attacks were likely used. That approach exploits hidden vulnerabilities and require no interaction from the victim. 'Zero-click chains are more sophisticated, more expensive, one stage higher than typical hacking campaigns,' Mr Kashfi said. 'But they weren't shy about using it and burning it.' Neither Mr Kashfi nor the Miaan Group were able to do full forensic examinations of the targeted iPhones. In several cases, being inside Iran made examinations impossible. In others, victims only came forward months after the notification. Finally, other targets chose to take their targeted iPhones to be examined by the Iranian government security services rather than independent experts living abroad, Mr Kashfi said. BLOOMBERG
Business Times
8 hours ago
- Business Times
Microsoft rushes to stop hackers from wreaking global havoc
[WASHINGTON ]Hackers exploited a security flaw in common Microsoft software to breach governments, businesses and other organisations across the globe and steal sensitive information, according to officials and cybersecurity researchers. Microsoft over the weekend released a patch for the vulnerability in servers of the SharePoint document management software. The company said it was still working to roll out other fixes after warnings that hackers were targeting SharePoint clients, using the flaw to enter file systems and execute code. Multiple different hackers are launching attacks through the Microsoft vulnerability, according to representatives of two cybersecurity firms, CrowdStrike Holdings and Google's Mandiant Consulting. Hackers have already used the flaw to break into the systems of national governments in Europe and the Middle East, according to a person familiar with the matter. In the US, they've accessed government systems, including ones belonging to the US Department of Education, Florida's Department of Revenue and the Rhode Island General Assembly, said the person, who spoke on condition that they not be identified discussing the sensitive information. Representatives of the Department of Education and Rhode Island legislature didn't respond to calls and emails seeking comment on Monday. A Florida Department of Revenue spokesperson, Bethany Wester Cutillo, said in an email that the SharePoint vulnerability is being investigated 'at multiple levels of government' but that the state agency 'does not comment publicly on the software we use for operations.' The hackers also breached the systems of a US-based health-care provider and targeted a public university in South-east Asia, according to a report from a cybersecurity firm reviewed by Bloomberg News. The report doesn't identify either entity by name, but says the hackers have attempted to breach SharePoint servers in countries including Brazil, Canada, Indonesia, Spain, South Africa, Switzerland, the UK and the US. The firm asked not to be named because of the sensitivity of the information. BT in your inbox Start and end each day with the latest news stories and analyses delivered straight to your inbox. Sign Up Sign Up In some systems they've broken into, the hackers have stolen sign-in credentials, including usernames, passwords, hash codes and tokens, according to a person familiar with the matter, who also spoke on condition that they not be identified discussing the sensitive information. 'This is a high-severity, high-urgency threat,' said Michael Sikorski, chief technology officer and head of threat intelligence for Unit 42 at Palo Alto Networks. 'What makes this especially concerning is SharePoint's deep integration with Microsoft's platform, including their services like Office, Teams, OneDrive and Outlook, which has all the information valuable to an attacker,' he said. 'A compromise doesn't stay contained–it opens the door to the entire network.' Tens of thousands – if not hundreds of thousands – of businesses and institutions worldwide use SharePoint in some fashion to store and collaborate on documents. Microsoft said that attackers are specifically targeting clients running SharePoint servers from their own on-premise networks, as opposed to being hosted and managed by the tech firm. That could limit the impact to a subsection of customers. A Microsoft spokesperson declined to comment beyond an earlier statement. 'It's a dream for ransomware operators,' said Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys. He estimated that more than 10,000 companies with SharePoint servers were at risk. The US had the largest number of such firms, followed by the Netherlands, the UK and Canada, he said. The breaches have drawn new scrutiny to Microsoft's efforts to shore up its cybersecurity after a series of high-profile failures. The firm has hired executives from places like the US government and holds weekly meetings with senior executives to make its software more resilient. The company's tech has been subject to several widespread and damaging hacks in recent years, and a 2024 US government report described the company's security culture as in need of urgent reforms. The Center for Internet Security, which operates a cybersecurity information sharing system for state and local governments in the US, found more than 1,100 servers that are at risk from the SharePoint vulnerability, said Randy Rose, the organisation's vice president of security operations and intelligence. Rose said more than 100 were likely hacked. The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers. Eye Security was the first to identify that attackers were actively exploiting the vulnerabilities in a wave of cyberattacks that began on Friday, said Vaisha Bernard, the company's chief hacker and co-owner. Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems. The SharePoint vulnerabilities, known as 'ToolShell,' were first identified in May by researchers at a Berlin cybersecurity conference. In early July, Microsoft issued patches to fix the security holes, but hackers found another way in. 'There were ways around the patches,' which enabled hackers to break into SharePoint servers by tapping into similar vulnerabilities, said Bernard. 'That allowed these attacks to happen.' The intrusions, he said, were not targeted and instead were aimed at compromising as many victims as possible. After scanning about 8,000 SharePoint servers, Bernard said he has so far identified at least 50 that were successfully compromised. He declined to identify the identity of organisations that had been targeted, but said they included government agencies and private companies, including 'bigger multinationals.' The victims were located in countries in North and South America, the EU, South Africa, and Australia, he added. BLOOMBERG
